API Documentation
Namespaces
Interfaces, Classes, Traits and Enums
- ServerProfilePersistenceStrategy
- Interface to store server profiles.
- passwordService
- This interface needs to be implemented by all account modules which manage passwords.
- AccountStatusProvider
- Provides module information about the status of an LDAP account.
- SelfServicePersistenceStrategy
- Interface for self service profile persistence.
- SelfServiceLoginHandler
- Login handler for self service
- samba3domain
- Represents a Samba 3 domain entry
- moduleCache
- Caches module objects.
- LAMException
- LAM exception with title and message.
- baseModule
- Parent class of all account modules.
- baseType
- This is the parent class of all account types.
- LAMLanguage
- Represents a supported language.
- ServerProfilePersistenceManager
- Manages the persistence of server profiles.
- ServerProfilePersistenceStrategyFiles
- Uses local file system to store server profiles.
- ServerProfilePersistenceStrategyPdo
- Stores server profiles in a database.
- LAMConfig
- This class manages conf files.
- LAMCfgMain
- This class manages config.cfg.
- htmlElement
- Represents a HTML element.
- htmlTable
- Structures elements using a table.
- htmlDataTable
- Table component for client-side controlled data tables.
- htmlDataTableColumn
- Column for data table.
- htmlInputField
- A standard input field.
- htmlHelpLink
- Renders a help link.
- htmlButton
- Simple button.
- htmlAccountPageButton
- Prints a button for the account pages.
- htmlSelect
- Represents a select box.
- htmlRadio
- Represents a radio selection.
- htmlOutputText
- Prints the text and escapes contained HTML code by default.
- htmlInputCheckbox
- Prints the HTML code for a checkbox.
- htmlInputFileUpload
- Prints the HTML code for a file upload field.
- htmlInputTextarea
- Prints the HTML code for a textarea.
- htmlInputColorPicker
- Prints the HTML code for a color picker field.
- htmlResponsiveInputColorPicker
- Color picker with descriptive label and help link.
- htmlImage
- Prints the HTML code for an image.
- htmlSpacer
- Adds an empty space with given width and height.
- htmlStatusMessage
- Prints a status message (e.g. error message).
- htmlTitle
- Generates a title line. This is used for page titles.
- htmlSubTitle
- Generates a subtitle line. This is used to group multiple fields.
- htmlHiddenInput
- Generates a hidden input field.
- htmlLink
- Generates a link.
- htmlContentLink
- Generates a link around a htmlElement.
- htmlGroup
- Groups multiple htmlElements.
- htmlHorizontalLine
- Prints a horizontal line.
- htmlDiv
- Creates a simple DIV element.
- htmlSpan
- Creates a simple SPAN element.
- htmlJavaScript
- Creates a JavaScript element.
- htmlIframe
- Creates a iframe element.
- htmlScript
- Creates a Script element to integrate external JavaScript files.
- htmlLinkCss
- Creates a link element to integrate external CSS files.
- htmlSortableList
- Creates a list of elements that can be sorted by the user via drag'n'drop.
- htmlAccordion
- Creates a list of content elements in accordion style.
- htmlResponsiveRow
- Responsive row with 12 column layout.
- htmlResponsiveCell
- Responsive cell inside htmlResponsiveRow with 12 column layout.
- htmlResponsiveInputField
- A responsive input field that combines label, input field and help.
- htmlResponsiveInputFileUpload
- File upload with descriptive label and help link.
- htmlResponsiveInputTextarea
- Responsive text area with label and help link.
- htmlResponsiveSelect
- Responsive select with label and help link.
- htmlResponsiveRadio
- Responsive select with label and help link.
- htmlResponsiveInputCheckbox
- Responsive checkbox with descriptive label and help link.
- htmlResponsiveTable
- Responsive table.
- htmlCanvas
- Renders a canvas.
- htmlVideo
- Renders a video.
- htmlForm
- Creates a form element for POST.
- htmlList
- Represents a (un)ordered list.
- htmlLabel
- Represents a label.
- htmlProgressbar
- Represents a progress bar.
- Ldap
- Ldap manages connection to LDAP and includes several helper functions.
- lamList
- Generates the list view.
- lamListTool
- Represents a tool which can be included in the account lists.
- lamListOption
- Represents a list configuration option.
- lamBooleanListOption
- Boolean option for list configuration.
- lamSelectListOption
- Boolean option for list configuration.
- account
- Manages the object class "account" for users and hosts.
- asteriskAccount
- Manages the Asterisk extension of user accounts.
- asteriskExtension
- Manages Asterisk extensions.
- asteriskVoicemail
- Manages the Asterisk extension of user accounts.
- authorizedServiceObject
- Provides Authorized Service for accounts.
- courierMailAccount
- Courier mail extension for users.
- courierMailAlias
- Enable the account for Courier Mail Service Aliases
- ddns
- Manages DDNS entries.
- dhcp_settings
- Manages DHCP entries.
- eduPerson
- Manages the eduPerson extension for user accounts.
- fixed_ip
- Manages DHCP host entries.
- freeRadius
- Manages FreeRadius accounts.
- FreeRadiusAccountExpirationCleanupJob
- Job to delete or move users on account expiration.
- FreeRadiusAccountExpirationNotifyJob
- Job to notify users about account expiration.
- generalInformation
- Shows general information like the creation time of an account.
- hostObject
- Manages the hosts to which a user may login.
- ieee802device
- Provides MAC addresses for hosts.
- imapAccess
- Manages mailboxes on an IMAP server.
- inetLocalMailRecipient
- Provides mail routing for users.
- inetOrgPerson
- This module manages LDAP attributes of the object class inetOrgPerson (e.g. name and address).
- kolabGroup
- Manages Kolab group accounts.
- kolabSharedFolder
- Manages Kolab shared folders.
- kolabUser
- Manages Kolab user accounts.
- ldapPublicKey
- Manages SSH public keys.
- nisMailAlias
- Provides NIS mail alias management.
- nisMailAliasUser
- Provides NIS mail alias management.
- nisnetgroup
- Manages entries based on the object class nisNetgroup.
- nisNetGroupHost
- Manages memberships in NIS net groups.
- nisNetGroupUser
- Manages memberships in NIS net groups.
- posixAccount
- Manages the object class "posixAccount" for users and hosts.
- posixGroup
- Manages the object class "posixGroup" for groups.
- puppetClient
- Manages Puppet configuration options.
- pykotaBillingCode
- Manages PyKota billing codes.
- pykotaGroup
- Manages PyKota group accounts.
- pykotaGroupStructural
- Manages PyKota group accounts.
- pykotaPrinter
- Manages PyKota printers.
- pykotaUser
- Manages PyKota user accounts.
- pykotaUserStructural
- Manages PyKota user accounts.
- quota
- Manages quotas for users and groups.
- range
- Manages DHCP ranges for DHCP server.
- sambaDomain
- Manages Samba 3 domain entries.
- sambaGroupMapping
- Manages the object class "sambaGroupMapping" for groups.
- sambaMungedDial
- Manages terminal server settings for Samba 3.
- sambaSamAccount
- Manages the object class "sambaSamAccount" for users and hosts.
- shadowAccount
- Manages the object class "shadowAccount" for users.
- ShadowAccountPasswordNotifyJob
- Job to notify users about password expiration.
- ShadowAccountExpirationNotifyJob
- Job to notify users about account expiration.
- ShadowAccountExpirationCleanupJob
- Job to delete or move users on account expiration.
- systemQuotas
- Manages user quotas with the object class systemQuotas.
- windowsGroup
- Manages Windows AD (e.g. Samba 4) groups.
- windowsHost
- Manages Windows AD (e.g. Samba 4) hosts.
- windowsPosixGroup
- Manages Unix groups in Windows LDAP schema.
- windowsUser
- Manages Windows AD (e.g. Samba 4) users.
- WindowsPasswordNotifyJob
- Job to notify users about password expiration.
- WindowsManagedGroupsNotifyJob
- Job to notify users about their managed groups.
- WindowsAccountExpirationNotifyJob
- Job to notify users about account expiration.
- WindowsAccountExpirationCleanupJob
- Job to delete or move users on account expiration.
- yubiKeyUser
- Manages YubiKey keys.
- accountContainer
- This class includes all modules and attributes of an account.
- PasswordQuickChangeOption
- Option for the password quick change page.
- AccountStatus
- Provides the complete information about the status of an LDAP account.
- AccountStatusDetails
- ScopeAndModuleValidation
- Validation of scope and module names.
- LamTemporaryFilesManager
- Manages temporary files.
- SelfServicePersistence
- Manages reading and writing self service profiles.
- SelfServicePersistenceStrategyFileSystem
- Uses local file system for storing self service profiles.
- SelfServicePersistenceStrategyPdo
- Uses PDO for storing self service profiles.
- selfServiceProfile
- Includes all settings of a self service profile.
- SelfServiceLdapConnection
- LDAP connection for self service.
- SelfServiceUserPasswordLoginHandler
- Performs login with user and password.
- SelfServiceHttpAuthLoginHandler
- Performs login with HTTP authentication.
- SelfService2FaLoginHandler
- Performs login with pure 2FA.
- LAMTool
- Represents a tool.
- LAMSubTool
- Represents a subtool.
- asteriskExt
- The account type for Asterisk extensions.
- lamAsteriskExtList
- Generates the list view.
- dhcp
- The account type for DHCP
- lamDHCPList
- Generates the list view.
- group
- The account type for group accounts (e.g. Unix and Samba).
- lamGroupList
- Generates the list view.
- host
- The account type for host accounts (e.g. Samba).
- lamHostList
- Generates the list view.
- kolabSharedFolderType
- The account type for Kolab shared folders.
- kolabSharedFolderTypeList
- Generates the list view.
- mailAlias
- The account type for mail aliases.
- lamMailAliasList
- Generates the list view.
- netgroup
- The account type for NIS netgroups.
- lamNetgroupList
- Generates the list view.
- pykotaBillingCodeType
- The account type for PyKota billing codes.
- lamPykotaBillingCodeTypeList
- Generates the list view.
- pykotaPrinterType
- The account type for PyKota printers.
- lamPykotaPrinterTypeList
- Generates the list view.
- smbDomain
- The account type for Samba domains.
- lamSmbDomainList
- Generates the list view.
- user
- The account type for user accounts (e.g. Unix, Samba and Kolab).
- lamUserList
- Generates the list view.
- altSecurityIdentities
- Manages SSH public keys on Windows/Samba 4.
Table of Contents
- ADD = 'add'
- DEL = 'del'
- LAMPDF_FONT_SIZE = 7
- font size
- LAMPDF_FONT_SIZE_BIG = 10
- font size for bigger text
- LAMPDF_LABELWIDTH = 50
- width of a label
- LAMPDF_LINEHEIGHT = 5
- line height
- LAMPDF_LINEWIDTH = 190
- line width
- MOD = 'mod'
- SAMBA_MUNGEDDIAL_FILEHEADER = "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "5000"
- File header
- SAMBA_MUNGEDDIAL_FILEHEADER_OLD = "6d000800200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200064000100" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "50001000"
- File header for old format.
- STAGE_ACTIONS_CALCULATED = 'actionsCalculated'
- STAGE_FINISHED = 'finished'
- STAGE_READ_FINISHED = 'readFinished'
- STAGE_START = 'start'
- STAGE_WRITING = 'writing'
- array_delete() : array<string|int, mixed>
- This function will return all values from $array without values of $values.
- in_array_ignore_case() : mixed
- Checks if a string exists in an array, ignoring case.
- getdays() : number
- This function will return the days from 1.1.1970 until now.
- smbflag() : string
- Takes a list of Samba flags and creates the corresponding flag string.
- ntPassword() : string
- Generates the NT hash of a password.
- pwd_hash() : string
- Returns the hash value of a plain text password.
- getHashType() : string
- Returns the hash type of the given password hash.
- getSupportedHashTypes() : array<string|int, mixed>
- Returns the list of supported hash types (e.g. SSHA).
- generateSalt() : string
- Calculates a password salt of the given length.
- pwd_enable() : string
- Marks an password hash as enabled and returns the new hash string
- pwd_disable() : string
- Marks an password hash as disabled and returns the new hash string
- pwd_is_lockable() : bool
- Checks if a Unix password can be locked.
- pwd_is_enabled() : bool
- Checks if a password hash is enabled/disabled
- generateRandomPassword() : string
- Generates a random password with 14 digits by default.
- generateRandomText() : string
- Generates a random text with 20 letters by default.
- checkPasswordHash() : bool
- Checks if the given password matches the crypto hash.
- getNumberOfCharacterClasses() : int
- Returns the number of character classes in a password.
- search_domains() : array<string|int, mixed>
- Returns an array with all Samba 3 domain entries under the given suffix
- get_preg() : bool
- Checks if a given value matches the selected regular expression.
- convertCommaEscaping() : string
- Converts the comma escaping from Windows to OpenLDAP style.
- connectToLDAP() : mixed
- Connects to an LDAP server using the given URL.
- searchLDAPByAttribute() : array<string|int, mixed>
- This will search the given LDAP suffix for all entries which have the given attribute.
- searchLDAPByFilter() : array<string|int, mixed>
- This will search the given LDAP suffix for all entries which match the given filter.
- searchLDAP() : array<string|int, mixed>
- Runs an LDAP search.
- getLDAPServerHandle() : handle
- Returns the LDAP server handle.
- searchLDAPPaged() : array<string|int, mixed>
- Runs an LDAP search and uses paging if configured.
- ldapGetDN() : array<string|int, mixed>|null
- Returns the given DN.
- ldapListDN() : array<string|int, mixed>
- Returns the DN and children of a given DN.
- deleteDN() : array<string|int, mixed>
- Deletes a DN and all child entries.
- copyDnRecursive() : void
- Performs a recursive copy from old DN under target DN.
- moveDn() : void
- Moves an LDAP entry.
- getLastLDAPError() : array<string|int, mixed>
- Returns the parameters for a StatusMessage of the last LDAP search.
- cleanLDAPResult() : mixed
- Cleans the result of an LDAP search.
- getAbstractDN() : string
- Transforms a DN into a more user friendly format.
- unescapeLdapSpecialCharacters() : string
- Unescapes LDAP special characters for readability.
- unescapeLdapSpecialCharactersCallback() : string
- Callback function for unescaping DN.
- compareDN() : int
- Helper function to sort DNs.
- compareLDAPEntriesByDn() : int
- Helper function to sort LDAP entries by DN.
- formatLDAPTimestamp() : string
- Formats an LDAP time string (e.g. from createTimestamp).
- parseLDAPTimestamp() : DateTime
- Parses an LDAP time stamp and returns a DateTime in current time zone.
- obfuscateText() : mixed
- Simple function to obfuscate strings.
- deobfuscateText() : mixed
- Simple function to deobfuscate strings.
- isObfuscatedText() : bool
- Checks if the given text is obfuscated.
- extractRDNAttribute() : string
- Extracts the RDN attribute name from a given DN.
- extractRDNValue() : string
- Extracts the RDN attribute value from a given DN.
- extractRDN() : string|null
- Extracts the RDN part of the DN.
- extractDNSuffix() : string
- Extracts the DN suffix from a given DN.
- testSmtpConnection() : void
- Checks if the SMTP connection with the given settings is fine.
- sendPasswordMail() : array<string|int, mixed>
- Sends the password mail.
- sendEMail() : mixed
- Sends out an email.
- isCommandlineSafeEmailAddress() : bool
- Checks if an email address is safe for use on commandline
- getRandomNumber() : int
- Returns a random number.
- getLDAPSSLCertificate() : mixed
- Connects to the LDAP server and extracts the certificates.
- getExtendedLDAPErrorMessage() : string
- Returns the extended LDAP error message if any.
- getDefaultLDAPErrorString() : string
- Returns the default error message to display on the web page.
- ldapIsPasswordExpired() : bool
- Returns if the last LDAP error was due to expired password or forced password change (AD only).
- getExtraInvalidCredentialsMessage() : string
- Tries to get additional information why invalid credentials was returned. E.g. account is locked.
- getCallingURL() : string
- Returns the URL under which the page was loaded.
- getTimeZoneOffsetHours() : int
- Returns the offset in hours from configured time zone to GMT.
- getTimeZone() : DateTimeZone
- Returns the configured time zone.
- getFormattedTime() : mixed
- Returns the current time in formatted form.
- formatSecondsToShortFormat() : string
- Formats a number of seconds to a more human readable format with minutes, hours, etc.
- unformatShortFormatToSeconds() : int
- Unformats text like 1m10s back to number of seconds.
- enforceUserIsLoggedIn() : mixed
- Checks if the user is logged in. Stops script execution if not.
- printHeaderContents() : mixed
- Prints the content of the header part.
- printJsIncludes() : mixed
- Prints script tags for all LAM JS files.
- convertUtf8ToUtf16Le() : mixed
- Converts an UTF-8 string to UTF16LE.
- getLAMVersionText() : string
- Returns the text with LAM and its version for header area.
- isDeveloperVersion() : bool
- Returns if the given release is a developer version.
- setSSLCaCert() : mixed
- Sets the environment variables for custom SSL CA certificates.
- setlanguage() : mixed
- Sets language settings for automatic translation
- checkChmod() : mixed
- Checks whether a specific flag in the rights string is set.
- LAMVersion() : string
- Returns the version number of this LAM installation.
- extractConfigOptionsFromPOST() : array<string|int, mixed>
- Extracts config options from HTTP POST data.
- metaRefresh() : mixed
- Prints a meta refresh page
- isAccountTypeHidden() : bool
- Checks if the given account type is hidden.
- getLanguages() : array<string|int, LAMLanguage>
- Returns a list of all supported languages.
- htmlGetRequiredMarker() : string
- Returns the marker for required values.
- htmlGetRequiredMarkerElement() : htmlSpan
- Returns the marker for required values.
- check_ip() : mixed
- Checks if the given IP is valid.
- getModuleAlias() : string|null
- Returns the alias name of a module
- is_base_module() : bool
- Returns true if the module is a base module
- get_ldap_filter() : string
- Returns the LDAP filter used by the account lists
- getRDNAttributes() : array<string|int, mixed>
- Returns a list of LDAP attributes which can be used to form the RDN.
- getModulesDependencies() : array<string|int, mixed>
- Returns a hash array (module name => dependencies) of all module dependencies
- check_module_depends() : mixed
- Checks if there are missing dependencies between modules.
- check_module_conflicts() : bool
- Checks if there are conflicts between modules
- getAvailableModules() : array<string|int, mixed>
- Returns an array with all available user module names
- getAllModules() : array<string|int, baseModule>
- Returns an array with all modules.
- getProfileOptions() : array<string|int, mixed>
- Returns the elements for the profile page.
- checkProfileOptions() : array<string|int, mixed>
- Checks if the profile options are valid
- getConfigOptions() : array<string|int, mixed>
- Returns a hash array (module name => elements) of all module options for the configuration page.
- checkConfigOptions() : array<string|int, mixed>
- Checks if the configuration options are valid
- getHelp() : array<string|int, mixed>
- Returns a help entry from an account module.
- getAvailablePDFFields() : array<string|int, mixed>
- Returns a list of available PDF entries.
- getUploadColumns() : array<string|int, mixed>
- Returns an array containing all input columns for the file upload.
- buildUploadAccounts() : mixed
- This function builds the LDAP accounts for the file upload.
- doUploadPreActions() : array<string|int, mixed>
- Runs any actions that need to be done before an LDAP entry is created.
- doUploadPostActions() : array<string|int, mixed>
- This function executes one post upload action.
- getRequiredExtensions() : array<string|int, mixed>
- Returns true if the module is a base module
- parseHtml() : array<string|int, mixed>
- Takes a list of meta-HTML elements and prints the equivalent HTML output.
- lamCompareDescriptiveOptions() : int
- Helper function to sort descriptive options in parseHTML().
- printHelpLink() : mixed
- Prints a LAM help link.
- lam_start_session() : mixed
- Starts a session and sets the cookie options.
- lamDefaultCookieOptions() : array<string|int, mixed>
- startSecureSession() : bool
- Starts a session and checks the environment.
- isFileBasedSession() : bool
- Returns if the session uses files storage.
- checkClientIP() : mixed
- Checks if the client's IP address is on the list of allowed IPs.
- logoffAndBackToLoginPage() : mixed
- Logs off the user and displays the login page.
- isDebugLoggingEnabled() : bool
- Returns if debug messages are to be logged.
- logNewMessage() : void
- Puts a new message in the log file.
- checkIfWriteAccessIsAllowed() : bool
- Checks if write access to LDAP is allowed.
- checkIfPasswordChangeIsAllowed() : bool
- Checks if passwords may be changed.
- checkIfNewEntriesAreAllowed() : bool
- Checks if it is allowed to create new LDAP entries of the given type.
- checkIfDeleteEntriesIsAllowed() : bool
- Checks if it is allowed to delete LDAP entries of the given type.
- checkPasswordStrength() : mixed
- Checks if the password fulfills the password policies.
- checkPwdWithExternalPasswordService() : bool
- Checks the password against the external password service.
- checkIfToolIsActive() : mixed
- Checks if the given tool is active.
- isLoggedIn() : bool
- Returns if the user is logged in.
- getClientIPForLogging() : string
- Returns the client IP and comma separated proxy IPs if any (HTTP_X_FORWARDED_FOR, HTTP_X_REAL_IP).
- getLamLdapUser() : string
- Returns the login dn of the current user.
- addSecurityTokenToSession() : void
- Adds a security token to the session to prevent CSRF attacks.
- validateSecurityToken() : mixed
- Checks if the security token from SESSION matches POST data.
- addSecurityTokenToMetaHTML() : mixed
- Adds a hidden input field to the given meta HTML table.
- getSecurityTokenName() : string
- Returns the name of the security token parameter.
- getSecurityTokenValue() : string
- Returns the value of the security token parameter.
- setLAMHeaders() : mixed
- Sets the X-Frame-Options and Content-Security-Policy header to prevent clickjacking.
- lamEncrypt() : object
- Encrypts a string
- lamDecrypt() : string
- Decrypts a string
- lamEncryptionAlgo() : string
- Returns the encryption algorithm to use.
- lamLogRemoteMessage() : mixed
- Logs a message to a remote logging service.
- isLAMProVersion() : bool
- Returns if this is a LAM Pro installation.
- getSelfServiceSearchAttributes() : array<string|int, mixed>
- Returns a list of possible search attributes for the self service.
- getSelfServiceFieldSettings() : array<string|int, mixed>
- Returns the field settings for the self service.
- getSelfServiceOptions() : array<string|int, mixed>
- Returns meta HTML code for each self service field.
- checkSelfServiceOptions() : array<string|int, mixed>
- Checks if all input values are correct and returns the LDAP commands which should be executed.
- getSelfServiceSettings() : array<string|int, mixed>
- Returns a hash array (module name => elements) of all module options for the configuration page.
- checkSelfServiceSettings() : array<string|int, mixed>
- Checks if the self service settings are valid
- isSelfService() : bool
- Returns if script runs inside self service.
- openSelfServiceLdapConnection() : handle
- Opens the LDAP connection and returns the handle. No bind is done.
- bindLdapUser() : bool
- Binds the LDAP connections with given user and password.
- StatusMessage() : string
- This function prints a short status message. It can be used to print INFO, WARN and ERROR messages.
- getTools() : array<string|int, mixed>
- Returns the tools which are available for LAM.
Constants
ADD
public
mixed
ADD
= 'add'
DEL
public
mixed
DEL
= 'del'
LAMPDF_FONT_SIZE
font size
public
mixed
LAMPDF_FONT_SIZE
= 7
LAMPDF_FONT_SIZE_BIG
font size for bigger text
public
mixed
LAMPDF_FONT_SIZE_BIG
= 10
LAMPDF_LABELWIDTH
width of a label
public
mixed
LAMPDF_LABELWIDTH
= 50
LAMPDF_LINEHEIGHT
line height
public
mixed
LAMPDF_LINEHEIGHT
= 5
LAMPDF_LINEWIDTH
line width
public
mixed
LAMPDF_LINEWIDTH
= 190
MOD
public
mixed
MOD
= 'mod'
SAMBA_MUNGEDDIAL_FILEHEADER
File header
public
mixed
SAMBA_MUNGEDDIAL_FILEHEADER
= "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "5000"
SAMBA_MUNGEDDIAL_FILEHEADER_OLD
File header for old format.
public
mixed
SAMBA_MUNGEDDIAL_FILEHEADER_OLD
= "6d000800200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200064000100" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "20002000200020002000200020002000" . "50001000"
STAGE_ACTIONS_CALCULATED
public
mixed
STAGE_ACTIONS_CALCULATED
= 'actionsCalculated'
STAGE_FINISHED
public
mixed
STAGE_FINISHED
= 'finished'
STAGE_READ_FINISHED
public
mixed
STAGE_READ_FINISHED
= 'readFinished'
STAGE_START
public
mixed
STAGE_START
= 'start'
STAGE_WRITING
public
mixed
STAGE_WRITING
= 'writing'
Functions
array_delete()
This function will return all values from $array without values of $values.
array_delete(array<string|int, mixed> $values, array<string|int, mixed> $array) : array<string|int, mixed>
Parameters
- $values : array<string|int, mixed>
-
list of values which should be removed
- $array : array<string|int, mixed>
-
list of original values
Return values
array<string|int, mixed> —list of remaining values
in_array_ignore_case()
Checks if a string exists in an array, ignoring case.
in_array_ignore_case(string $needle, array<string|int, mixed> $haystack) : mixed
Parameters
- $needle : string
-
search string
- $haystack : array<string|int, mixed>
-
array
Return values
mixed —getdays()
This function will return the days from 1.1.1970 until now.
getdays() : number
Return values
number —of days
smbflag()
Takes a list of Samba flags and creates the corresponding flag string.
smbflag(array<string|int, mixed> $input) : string
Parameters
- $input : array<string|int, mixed>
-
is an array of Samba flags (e.g. X or D)
Return values
string —Samba flag string
ntPassword()
Generates the NT hash of a password.
ntPassword(mixed $password) : string
Parameters
- $password : mixed
Return values
string —password hash
pwd_hash()
Returns the hash value of a plain text password.
pwd_hash(string $password[, bool $enabled = true ][, string $hashType = 'SSHA' ]) : string
Parameters
- $password : string
-
the password string
- $enabled : bool = true
-
marks the hash as enabled/disabled (e.g. by prefixing "!")
- $hashType : string = 'SSHA'
-
password hash type (CRYPT, CRYPT-SHA512, SHA, SSHA, MD5, SMD5, PLAIN, K5KEY)
Tags
Return values
string —the password hash
getHashType()
Returns the hash type of the given password hash.
getHashType(string|null $hash) : string
This will return PLAIN if no supported hash type was found.
Parameters
- $hash : string|null
-
password hash
Return values
string —type (e.g. SSHA)
getSupportedHashTypes()
Returns the list of supported hash types (e.g. SSHA).
getSupportedHashTypes() : array<string|int, mixed>
Return values
array<string|int, mixed> —hash types
generateSalt()
Calculates a password salt of the given length.
generateSalt(int $len) : string
Parameters
- $len : int
-
salt length
Return values
string —the salt string
pwd_enable()
Marks an password hash as enabled and returns the new hash string
pwd_enable(string $hash) : string
Parameters
- $hash : string
-
hash value to enable
Return values
string —enabled password hash
pwd_disable()
Marks an password hash as disabled and returns the new hash string
pwd_disable(string $hash) : string
Parameters
- $hash : string
-
hash value to disable
Return values
string —disabled hash value
pwd_is_lockable()
Checks if a Unix password can be locked.
pwd_is_lockable(string $password) : bool
This checks if the password is not plain text but e.g. contains {SSHA}.
Parameters
- $password : string
-
password value
Return values
bool —can be locked
pwd_is_enabled()
Checks if a password hash is enabled/disabled
pwd_is_enabled(string $hash) : bool
Parameters
- $hash : string
-
password hash to check
Return values
bool —true if the password is marked as enabled
generateRandomPassword()
Generates a random password with 14 digits by default.
generateRandomPassword([int $length = 14 ][, bool $checkStrength = true ]) : string
Parameters
- $length : int = 14
-
length of password (defaults to 14)
- $checkStrength : bool = true
-
check if password matches the policy
Return values
string —password
generateRandomText()
Generates a random text with 20 letters by default.
generateRandomText([int $length = 20 ]) : string
Parameters
- $length : int = 20
-
length of password (defaults to 20)
Return values
string —text
checkPasswordHash()
Checks if the given password matches the crypto hash.
checkPasswordHash(mixed $type, string $hash, string $password) : bool
Parameters
- $type : mixed
- $hash : string
-
password hash value
- $password : string
-
plain text password to check
Tags
Return values
bool —hash matches
getNumberOfCharacterClasses()
Returns the number of character classes in a password.
getNumberOfCharacterClasses(string $password) : int
Parameters
- $password : string
-
password
Return values
int —number of classes
search_domains()
Returns an array with all Samba 3 domain entries under the given suffix
search_domains([mixed $server = null ][, string $suffix = null ]) : array<string|int, mixed>
Parameters
- $server : mixed = null
- $suffix : string = null
-
LDAP suffix to search (if null then $_SESSION['config']->get_Suffix('smbDomain') is used)
Return values
array<string|int, mixed> —list of samba3domain objects
get_preg()
Checks if a given value matches the selected regular expression.
get_preg(string $argument, string $regexp) : bool
Parameters
- $argument : string
-
value to check
- $regexp : string
-
pattern name
Return values
bool —true if matches, otherwise false
convertCommaEscaping()
Converts the comma escaping from Windows to OpenLDAP style.
convertCommaEscaping(string $dn) : string
Parameters
- $dn : string
-
DN
Return values
string —DN
connectToLDAP()
Connects to an LDAP server using the given URL.
connectToLDAP(string $serverURL, mixed $startTLS) : mixed
Parameters
- $serverURL : string
-
URL
- $startTLS : mixed
Return values
mixed —searchLDAPByAttribute()
This will search the given LDAP suffix for all entries which have the given attribute.
searchLDAPByAttribute(string $name, string $value, string $objectClass, array<string|int, mixed> $attributes, array<string|int, mixed> $scopes) : array<string|int, mixed>
Parameters
- $name : string
-
attribute name (may be null)
- $value : string
-
attribute value
- $objectClass : string
-
object class (may be null)
- $attributes : array<string|int, mixed>
-
list of attributes to return
- $scopes : array<string|int, mixed>
-
account types
Return values
array<string|int, mixed> —list of found entries
searchLDAPByFilter()
This will search the given LDAP suffix for all entries which match the given filter.
searchLDAPByFilter(string $filter, array<string|int, mixed> $attributes, array<string|int, mixed> $scopes[, bool $attrsOnly = false ]) : array<string|int, mixed>
Parameters
- $filter : string
- $attributes : array<string|int, mixed>
-
list of attributes to return
- $scopes : array<string|int, mixed>
-
account types
- $attrsOnly : bool = false
-
get only attributes but no values (default: false)
Return values
array<string|int, mixed> —list of found entries
searchLDAP()
Runs an LDAP search.
searchLDAP(string $suffix, string $filter, array<string|int, mixed> $attributes[, int $limit = -1 ]) : array<string|int, mixed>
Parameters
- $suffix : string
-
LDAP suffix
- $filter : string
-
filter
- $attributes : array<string|int, mixed>
-
list of attributes to return
- $limit : int = -1
-
result limit
Return values
array<string|int, mixed> —list of found entries
getLDAPServerHandle()
Returns the LDAP server handle.
getLDAPServerHandle() : handle
Return values
handle —LDAP handle
searchLDAPPaged()
Runs an LDAP search and uses paging if configured.
searchLDAPPaged(handle $server, string $dn, string $filter, array<string|int, mixed> $attributes, bool $attrsOnly, int $limit) : array<string|int, mixed>
Parameters
- $server : handle
-
LDAP connection handle
- $dn : string
-
DN
- $filter : string
-
filter
- $attributes : array<string|int, mixed>
-
attribute list
- $attrsOnly : bool
-
return only attribute names
- $limit : int
-
size limit
Return values
array<string|int, mixed> —results
ldapGetDN()
Returns the given DN.
ldapGetDN(string $dn[, array<string|int, mixed> $attributes = array('dn') ][, handle $handle = null ]) : array<string|int, mixed>|null
Parameters
- $dn : string
-
DN
- $attributes : array<string|int, mixed> = array('dn')
-
list of attributes to fetch
- $handle : handle = null
-
LDAP handle (optional for admin interface pages)
Return values
array<string|int, mixed>|null —attributes or null if not found
ldapListDN()
Returns the DN and children of a given DN.
ldapListDN(string $dn[, string $filter = '(objectclass=*)' ][, array<string|int, mixed> $attributes = array('dn') ][, handle $handle = null ][, int $limit = -1 ]) : array<string|int, mixed>
Parameters
- $dn : string
-
DN
- $filter : string = '(objectclass=*)'
-
LDAP filter
- $attributes : array<string|int, mixed> = array('dn')
-
list of attributes to fetch
- $handle : handle = null
-
LDAP handle (optional for admin interface pages)
- $limit : int = -1
-
result limit
Return values
array<string|int, mixed> —attributes or null if not found
deleteDN()
Deletes a DN and all child entries.
deleteDN(string $dn, bool $recursive) : array<string|int, mixed>
Parameters
- $dn : string
-
DN to delete
- $recursive : bool
-
recursive delete also child entries
Return values
array<string|int, mixed> —error messages
copyDnRecursive()
Performs a recursive copy from old DN under target DN.
copyDnRecursive(string $oldDn, string $targetDn) : void
Parameters
- $oldDn : string
-
old DN to copy
- $targetDn : string
-
copy nodes under this DN
Tags
Return values
void —moveDn()
Moves an LDAP entry.
moveDn(string $oldDn, string $targetDn) : void
Parameters
- $oldDn : string
-
old DN
- $targetDn : string
-
target container DN
Tags
Return values
void —getLastLDAPError()
Returns the parameters for a StatusMessage of the last LDAP search.
getLastLDAPError() : array<string|int, mixed>
Return values
array<string|int, mixed> —parameters for StatusMessage or null if all was ok
cleanLDAPResult()
Cleans the result of an LDAP search.
cleanLDAPResult(array<string|int, mixed> &$entries) : mixed
This will remove all 'count' entries and also all numeric array keys.
Parameters
- $entries : array<string|int, mixed>
-
LDAP entries in format $entries[entry number][attribute name][attribute values]
Return values
mixed —getAbstractDN()
Transforms a DN into a more user friendly format.
getAbstractDN(string $dn) : string
E.g. "dc=company,dc=de" is transformed to "company > de".
Parameters
- $dn : string
-
DN
Return values
string —transformed DN
unescapeLdapSpecialCharacters()
Unescapes LDAP special characters for readability.
unescapeLdapSpecialCharacters(string $dn) : string
Parameters
- $dn : string
-
escaped DN
Return values
string —unescaped DN
unescapeLdapSpecialCharactersCallback()
Callback function for unescaping DN.
unescapeLdapSpecialCharactersCallback(array<string|int, mixed> $matches) : string
Parameters
- $matches : array<string|int, mixed>
-
HEX value that was found
Return values
string —unescaped string
compareDN()
Helper function to sort DNs.
compareDN(string $a, string $b) : int
Parameters
- $a : string
-
first argument to compare
- $b : string
-
second argument to compare
Return values
int —0 if equal, 1 if $a is greater, -1 if $b is greater
compareLDAPEntriesByDn()
Helper function to sort LDAP entries by DN.
compareLDAPEntriesByDn(array<string|int, mixed> $a, array<string|int, mixed> $b) : int
Parameters
- $a : array<string|int, mixed>
-
first argument to compare
- $b : array<string|int, mixed>
-
second argument to compare
Return values
int —0 if equal, 1 if $a is greater, -1 if $b is greater
formatLDAPTimestamp()
Formats an LDAP time string (e.g. from createTimestamp).
formatLDAPTimestamp(string $time) : string
Parameters
- $time : string
-
LDAP time value
Return values
string —formatted time
parseLDAPTimestamp()
Parses an LDAP time stamp and returns a DateTime in current time zone.
parseLDAPTimestamp(string $time) : DateTime
Parameters
- $time : string
-
LDAP time value
Return values
DateTime —time
obfuscateText()
Simple function to obfuscate strings.
obfuscateText(string $text) : mixed
Parameters
- $text : string
-
text to obfuscate
Return values
mixed —deobfuscateText()
Simple function to deobfuscate strings.
deobfuscateText(string $text) : mixed
Parameters
- $text : string
-
text to deobfuscate
Return values
mixed —isObfuscatedText()
Checks if the given text is obfuscated.
isObfuscatedText(string $text) : bool
Parameters
- $text : string
-
text to check
Return values
bool —obfuscated or not
extractRDNAttribute()
Extracts the RDN attribute name from a given DN.
extractRDNAttribute(string $dn) : string
Parameters
- $dn : string
-
DN
Return values
string —RDN attribute name
extractRDNValue()
Extracts the RDN attribute value from a given DN.
extractRDNValue(string $dn) : string
Parameters
- $dn : string
-
DN
Return values
string —RDN attribute value
extractRDN()
Extracts the RDN part of the DN.
extractRDN(string|null $dn) : string|null
Parameters
- $dn : string|null
-
DN
Return values
string|null —RDN part
extractDNSuffix()
Extracts the DN suffix from a given DN.
extractDNSuffix(string $dn) : string
E.g. ou=people,dc=test,dc=com will result in dc=test,dc=com.
Parameters
- $dn : string
-
DN
Return values
string —DN suffix
testSmtpConnection()
Checks if the SMTP connection with the given settings is fine.
testSmtpConnection(string $server, string $user, string $password, string $encryption) : void
Parameters
- $server : string
-
SMTP server
- $user : string
-
user name
- $password : string
-
password
- $encryption : string
-
encryption type
Tags
Return values
void —sendPasswordMail()
Sends the password mail.
sendPasswordMail(string $pwd, array<string|int, mixed> $user[, string $recipient = null ]) : array<string|int, mixed>
Parameters
- $pwd : string
-
new password
- $user : array<string|int, mixed>
-
LDAP attributes of user
- $recipient : string = null
-
recipient address (optional, $user['mail'][0] used by default)
Return values
array<string|int, mixed> —list of arrays that can be used to create status messages
sendEMail()
Sends out an email.
sendEMail(string|array<string|int, mixed> $to, string $subject, string $text, string $from, bool $isHTML[, string $replyTo = null ][, string $cc = null ][, string $bcc = null ]) : mixed
Parameters
- $to : string|array<string|int, mixed>
-
TO address
- $subject : string
-
email subject
- $text : string
-
mail body (with \r\n EOL)
- $from : string
-
FROM address
- $isHTML : bool
-
HTML format
- $replyTo : string = null
-
REPLY-TO address (optional)
- $cc : string = null
-
CC address (optional)
- $bcc : string = null
-
BCC address (optional)
Return values
mixed —isCommandlineSafeEmailAddress()
Checks if an email address is safe for use on commandline
isCommandlineSafeEmailAddress( $address) : bool
Parameters
Return values
bool —is safe
getRandomNumber()
Returns a random number.
getRandomNumber() : int
Return values
int —random number
getLDAPSSLCertificate()
Connects to the LDAP server and extracts the certificates.
getLDAPSSLCertificate(string $server, string $port) : mixed
Parameters
- $server : string
-
server name
- $port : string
-
server port
Return values
mixed —false on error and certificate if extracted successfully
getExtendedLDAPErrorMessage()
Returns the extended LDAP error message if any.
getExtendedLDAPErrorMessage(handle $server) : string
Parameters
- $server : handle
-
LDAP server handle
Return values
string —error message
getDefaultLDAPErrorString()
Returns the default error message to display on the web page.
getDefaultLDAPErrorString(handle $server) : string
HTML special characters are already escaped.
Parameters
- $server : handle
-
LDAP server handle
Return values
string —error message
ldapIsPasswordExpired()
Returns if the last LDAP error was due to expired password or forced password change (AD only).
ldapIsPasswordExpired( $server) : bool
Parameters
Return values
bool —password expired
getExtraInvalidCredentialsMessage()
Tries to get additional information why invalid credentials was returned. E.g. account is locked.
getExtraInvalidCredentialsMessage(handle $ldap, string $userDn) : string
Parameters
- $ldap : handle
-
LDAP object to connect for getting extra data
- $userDn : string
-
failed DN
Return values
string —extra message
getCallingURL()
Returns the URL under which the page was loaded.
getCallingURL([ $baseUrl = '' ]) : string
This includes any GET parameters set.
Parameters
Return values
string —URL
getTimeZoneOffsetHours()
Returns the offset in hours from configured time zone to GMT.
getTimeZoneOffsetHours() : int
Return values
int —offset
getTimeZone()
Returns the configured time zone.
getTimeZone() : DateTimeZone
Return values
DateTimeZone —time zone
getFormattedTime()
Returns the current time in formatted form.
getFormattedTime(unknown $format) : mixed
Parameters
- $format : unknown
-
format to use (e.g. 'Y-m-d H:i:s')
Return values
mixed —formatSecondsToShortFormat()
Formats a number of seconds to a more human readable format with minutes, hours, etc.
formatSecondsToShortFormat(int $numSeconds) : string
E.g. 70 seconds will return 1m10s.
Parameters
- $numSeconds : int
-
number of seconds
Return values
string —formatted number
unformatShortFormatToSeconds()
Unformats text like 1m10s back to number of seconds.
unformatShortFormatToSeconds(string $text) : int
Parameters
- $text : string
-
formatted text
Return values
int —number of seconds
enforceUserIsLoggedIn()
Checks if the user is logged in. Stops script execution if not.
enforceUserIsLoggedIn([bool $check2ndFactor = true ]) : mixed
Parameters
- $check2ndFactor : bool = true
-
check if the 2nd factor was provided if required
Return values
mixed —printHeaderContents()
Prints the content of the header part.
printHeaderContents(string $title, string $prefix) : mixed
Parameters
- $title : string
-
page title
- $prefix : string
-
prefix to LAM main folder (e.g. "..")
Return values
mixed —printJsIncludes()
Prints script tags for all LAM JS files.
printJsIncludes(string $prefix) : mixed
Parameters
- $prefix : string
-
prefix to LAM main folder (e.g. "..")
Return values
mixed —convertUtf8ToUtf16Le()
Converts an UTF-8 string to UTF16LE.
convertUtf8ToUtf16Le(string $input) : mixed
Parameters
- $input : string
-
UTF-8 value
Return values
mixed —getLAMVersionText()
Returns the text with LAM and its version for header area.
getLAMVersionText() : string
Return values
string —LAM version text
isDeveloperVersion()
Returns if the given release is a developer version.
isDeveloperVersion(mixed $version) : bool
Parameters
- $version : mixed
Return values
bool —is developer version
setSSLCaCert()
Sets the environment variables for custom SSL CA certificates.
setSSLCaCert() : mixed
Return values
mixed —setlanguage()
Sets language settings for automatic translation
setlanguage() : mixed
Return values
mixed —checkChmod()
Checks whether a specific flag in the rights string is set.
checkChmod(string $right, string $target, string $chmod) : mixed
Parameters
- $right : string
-
read, write or execute
- $target : string
-
owner, group or other
- $chmod : string
-
the chmod rights
Return values
mixed —LAMVersion()
Returns the version number of this LAM installation.
LAMVersion() : string
Format:
Major/minor version are always numbers, patch level may contain letters for unofficial releases only (e.g. 0.5.alpha1).
Return values
string —version number
extractConfigOptionsFromPOST()
Extracts config options from HTTP POST data.
extractConfigOptionsFromPOST(array<string|int, mixed> $confTypes) : array<string|int, mixed>
Parameters
- $confTypes : array<string|int, mixed>
-
array (option name => type (e.g. multiselect))
Return values
array<string|int, mixed> —list of config options (name =>[values])
metaRefresh()
Prints a meta refresh page
metaRefresh(string $page) : mixed
Parameters
- $page : string
-
the URL of the target page
Return values
mixed —isAccountTypeHidden()
Checks if the given account type is hidden.
isAccountTypeHidden(string $type) : bool
Parameters
- $type : string
-
account type (e.g. user)
Return values
bool —is hidden
getLanguages()
Returns a list of all supported languages.
getLanguages() : array<string|int, LAMLanguage>
Return values
array<string|int, LAMLanguage> —languages
htmlGetRequiredMarker()
Returns the marker for required values.
htmlGetRequiredMarker() : string
Return values
string —HTML code for required marker
htmlGetRequiredMarkerElement()
Returns the marker for required values.
htmlGetRequiredMarkerElement() : htmlSpan
Return values
htmlSpan —HTML code for required marker
check_ip()
Checks if the given IP is valid.
check_ip(string $ip[, bool $subnet = false ]) : mixed
Parameters
- $ip : string
-
IP address
- $subnet : bool = false
-
IP must be a subnet
Return values
mixed —getModuleAlias()
Returns the alias name of a module
getModuleAlias(string $name, string $scope) : string|null
Parameters
- $name : string
-
the module name
- $scope : string
-
the account type ("user", "group", "host")
Return values
string|null —alias name
is_base_module()
Returns true if the module is a base module
is_base_module(string $name, string $scope) : bool
Parameters
- $name : string
-
the module name
- $scope : string
-
the account type ("user", "group", "host")
Return values
bool —true if base module
get_ldap_filter()
Returns the LDAP filter used by the account lists
get_ldap_filter(string $typeId) : string
Parameters
- $typeId : string
-
the account type ("user", "group", "host")
Return values
string —LDAP filter
getRDNAttributes()
Returns a list of LDAP attributes which can be used to form the RDN.
getRDNAttributes(string $typeId[, array<string|int, mixed> $selectedModules = null ]) : array<string|int, mixed>
The list is already sorted by the priority given by the modules.
Parameters
- $typeId : string
-
account type (user, group, host)
- $selectedModules : array<string|int, mixed> = null
-
return only RDN attributes of these modules
Return values
array<string|int, mixed> —list of LDAP attributes
getModulesDependencies()
Returns a hash array (module name => dependencies) of all module dependencies
getModulesDependencies(string $scope) : array<string|int, mixed>
"dependencies" contains an array with two sub arrays: depends, conflicts
The elements of "depends" are either module names or an array of module names (OR-case).
The elements of conflicts are module names.
Parameters
- $scope : string
-
the account type (user, group, host)
Return values
array<string|int, mixed> —dependencies
check_module_depends()
Checks if there are missing dependencies between modules.
check_module_depends(array<string|int, mixed> $selected, array<string|int, mixed> $deps) : mixed
Parameters
- $selected : array<string|int, mixed>
-
selected module names
- $deps : array<string|int, mixed>
-
module dependencies
Return values
mixed —false if no missing dependency was found, otherwise an array of array(selected module, depending module) if missing dependencies were found
check_module_conflicts()
Checks if there are conflicts between modules
check_module_conflicts(array<string|int, mixed> $selected, array<string|int, mixed> $deps) : bool
Parameters
- $selected : array<string|int, mixed>
-
selected module names
- $deps : array<string|int, mixed>
-
module dependencies
Return values
bool —false if no conflict was found, otherwise an array of array(selected module, conflicting module) if conflicts were found
getAvailableModules()
Returns an array with all available user module names
getAvailableModules(string $scope[, bool $mustSupportAdminInterface = false ]) : array<string|int, mixed>
Parameters
- $scope : string
-
account type (user, group, host)
- $mustSupportAdminInterface : bool = false
-
module must support LAM admin interface (default: false)
Return values
array<string|int, mixed> —list of possible modules
getAllModules()
Returns an array with all modules.
getAllModules() : array<string|int, baseModule>
Return values
array<string|int, baseModule> —list of modules
getProfileOptions()
Returns the elements for the profile page.
getProfileOptions(string $typeId) : array<string|int, mixed>
Parameters
- $typeId : string
-
account type (user, group, host)
Return values
array<string|int, mixed> —profile elements
checkProfileOptions()
Checks if the profile options are valid
checkProfileOptions(string $typeId, array<string|int, mixed> $options) : array<string|int, mixed>
Parameters
- $typeId : string
-
account type (user, group, host)
- $options : array<string|int, mixed>
-
hash array containing all options (name => array(...))
Return values
array<string|int, mixed> —list of error messages
getConfigOptions()
Returns a hash array (module name => elements) of all module options for the configuration page.
getConfigOptions(array<string|int, mixed> $moduleToScopes) : array<string|int, mixed>
Parameters
- $moduleToScopes : array<string|int, mixed>
-
hash array (module name => array(account types))
Return values
array<string|int, mixed> —configuration options
checkConfigOptions()
Checks if the configuration options are valid
checkConfigOptions(array<string|int, mixed> $moduleToTypeIds, array<string|int, mixed> &$options) : array<string|int, mixed>
Parameters
- $moduleToTypeIds : array<string|int, mixed>
-
hash array (module name => array(account type ids))
- $options : array<string|int, mixed>
-
hash array containing all options (name => array(...))
Return values
array<string|int, mixed> —list of error messages
getHelp()
Returns a help entry from an account module.
getHelp(string $module, string $helpID, string $scope) : array<string|int, mixed>
Parameters
- $module : string
-
module name
- $helpID : string
-
help identifier
- $scope : string
-
account type
Return values
array<string|int, mixed> —help entry
getAvailablePDFFields()
Returns a list of available PDF entries.
getAvailablePDFFields(string $typeId) : array<string|int, mixed>
Parameters
- $typeId : string
-
account type (user, group, host)
Return values
array<string|int, mixed> —PDF entries (field ID => field label)
getUploadColumns()
Returns an array containing all input columns for the file upload.
getUploadColumns(ConfiguredType &$type, array<string|int, mixed> $selectedModules) : array<string|int, mixed>
Syntax:
array(
string: name, // fixed non-translated name which is used as column name (should be of format:
string: description, // short descriptive name
string: help, // help ID
string: example, // example value
boolean: required // true, if user must set a value for this column
)
Parameters
- $type : ConfiguredType
-
account type
- $selectedModules : array<string|int, mixed>
-
selected account modules
Return values
array<string|int, mixed> —column list
buildUploadAccounts()
This function builds the LDAP accounts for the file upload.
buildUploadAccounts(ConfiguredType $type, array<string|int, mixed> $data, array<string|int, mixed> $ids, array<string|int, mixed> $selectedModules, htmlResponsiveRow $container) : mixed
If there are problems status messages will be printed automatically.
Parameters
- $type : ConfiguredType
-
account type
- $data : array<string|int, mixed>
-
array containing one account in each element
- $ids : array<string|int, mixed>
-
array(<column_name> =>
) - $selectedModules : array<string|int, mixed>
-
selected account modules
- $container : htmlResponsiveRow
-
HTML container
Return values
mixed —array including accounts or false if there were errors
doUploadPreActions()
Runs any actions that need to be done before an LDAP entry is created.
doUploadPreActions(ConfiguredType $type, array<string|int, mixed> $selectedModules, array<string|int, mixed> $attributes) : array<string|int, mixed>
Parameters
- $type : ConfiguredType
-
account type
- $selectedModules : array<string|int, mixed>
-
list of selected account modules
- $attributes : array<string|int, mixed>
-
LDAP attributes of this entry (attributes are provided as reference, handle modifications of $attributes with care)
Return values
array<string|int, mixed> —array which contains status messages. Each entry is an array containing the status message parameters.
doUploadPostActions()
This function executes one post upload action.
doUploadPostActions(ConfiguredType $type, array<string|int, mixed> &$data, array<string|int, mixed> $ids, array<string|int, mixed> $failed, array<string|int, mixed> $selectedModules, array<string|int, mixed> &$accounts) : array<string|int, mixed>
Parameters
- $type : ConfiguredType
-
account type
- $data : array<string|int, mixed>
-
array containing one account in each element
- $ids : array<string|int, mixed>
-
array(<column_name> =>
) - $failed : array<string|int, mixed>
-
list of accounts which were not created successfully
- $selectedModules : array<string|int, mixed>
-
list of selected account modules
- $accounts : array<string|int, mixed>
-
list of LDAP entries
Return values
array<string|int, mixed> —current status
array (
'status' => 'finished' | 'inProgress'
'module' =>
'progress' => 0..100
'errors' => array (<array of parameters for StatusMessage>)
)
getRequiredExtensions()
Returns true if the module is a base module
getRequiredExtensions() : array<string|int, mixed>
Return values
array<string|int, mixed> —required extensions
parseHtml()
Takes a list of meta-HTML elements and prints the equivalent HTML output.
parseHtml(string $module, mixed $input, array<string|int, mixed> $values, bool $restricted, string $scope) : array<string|int, mixed>
The modules are not allowed to display HTML code directly but return meta HTML code. This allows to have a common design for all module pages.
Parameters
- $module : string
-
Name of account module
- $input : mixed
-
htmlElement or array of htmlElement elements
- $values : array<string|int, mixed>
-
List of values which override the defaults in $input (name => value)
- $restricted : bool
-
If true then no buttons will be displayed
- $scope : string
-
Account type
Return values
array<string|int, mixed> —List of input field names and their type (name => type)
lamCompareDescriptiveOptions()
Helper function to sort descriptive options in parseHTML().
lamCompareDescriptiveOptions(array<string|int, mixed> &$a, array<string|int, mixed> &$b) : int
It compares the second entries of two arrays.
Parameters
- $a : array<string|int, mixed>
-
first array
- $b : array<string|int, mixed>
-
second array
Return values
int —compare result
printHelpLink()
Prints a LAM help link.
printHelpLink(array<string|int, mixed> $entry, string $number[, string $module = '' ][, string $scope = '' ][, array<string|int, mixed> $classes = [] ]) : mixed
Parameters
- $entry : array<string|int, mixed>
-
help entry
- $number : string
-
help number
- $module : string = ''
-
module name
- $scope : string = ''
-
account scope
- $classes : array<string|int, mixed> = []
-
CSS classes
Return values
mixed —lam_start_session()
Starts a session and sets the cookie options.
lam_start_session() : mixed
Return values
mixed —lamDefaultCookieOptions()
lamDefaultCookieOptions() : array<string|int, mixed>
Return values
array<string|int, mixed> —startSecureSession()
Starts a session and checks the environment.
startSecureSession([bool $redirectToLogin = true ][, bool $initSecureData = false ]) : bool
The script is stopped if one of the checks fail (timeout redirection may be overridden).
Parameters
- $redirectToLogin : bool = true
-
redirect user to login page (default: true)
- $initSecureData : bool = false
-
init verification data like session ID and client IP (default: false)
Return values
bool —true if all ok, false if session expired
isFileBasedSession()
Returns if the session uses files storage.
isFileBasedSession() : bool
Return values
bool —file based session
checkClientIP()
Checks if the client's IP address is on the list of allowed IPs.
checkClientIP() : mixed
The script is stopped if the host is not valid.
Return values
mixed —logoffAndBackToLoginPage()
Logs off the user and displays the login page.
logoffAndBackToLoginPage() : mixed
Return values
mixed —isDebugLoggingEnabled()
Returns if debug messages are to be logged.
isDebugLoggingEnabled() : bool
Return values
bool —debug enabled
logNewMessage()
Puts a new message in the log file.
logNewMessage(string $level, string $message) : void
Parameters
- $level : string
-
log level (LOG_DEBUG, LOG_NOTICE, LOG_WARNING, LOG_ERR)
- $message : string
-
log message
Return values
void —checkIfWriteAccessIsAllowed()
Checks if write access to LDAP is allowed.
checkIfWriteAccessIsAllowed([string $scope = null ]) : bool
Parameters
- $scope : string = null
-
account type (e.g. user)
Return values
bool —true, if allowed
checkIfPasswordChangeIsAllowed()
Checks if passwords may be changed.
checkIfPasswordChangeIsAllowed() : bool
Return values
bool —true, if allowed
checkIfNewEntriesAreAllowed()
Checks if it is allowed to create new LDAP entries of the given type.
checkIfNewEntriesAreAllowed(string $scope) : bool
This also checks if general write access is enabled.
Parameters
- $scope : string
-
account type (e.g. 'user')
Return values
bool —true, if new entries are allowed
checkIfDeleteEntriesIsAllowed()
Checks if it is allowed to delete LDAP entries of the given type.
checkIfDeleteEntriesIsAllowed(string $scope) : bool
Parameters
- $scope : string
-
account type (e.g. 'user')
Return values
bool —true, if entries may be deleted
checkPasswordStrength()
Checks if the password fulfills the password policies.
checkPasswordStrength(string $password, string|array<string|int, mixed> $userNames, array<string|int, mixed> $otherUserAttrs) : mixed
Parameters
- $password : string
-
password
- $userNames : string|array<string|int, mixed>
-
user name(s)
- $otherUserAttrs : array<string|int, mixed>
-
user's first/last name
Return values
mixed —true if ok, string with error message if not valid
checkPwdWithExternalPasswordService()
Checks the password against the external password service.
checkPwdWithExternalPasswordService(LAMCfgMain $cfg, string $password) : bool
Parameters
- $cfg : LAMCfgMain
-
main configuration
- $password : string
-
password
Return values
bool —password accepted as secure
checkIfToolIsActive()
Checks if the given tool is active.
checkIfToolIsActive(string $tool) : mixed
Otherwise, an error message is logged and the execution is stopped (die()).
Parameters
- $tool : string
-
tool class name (e.g. toolFileUpload)
Return values
mixed —isLoggedIn()
Returns if the user is logged in.
isLoggedIn() : bool
Return values
bool —is logged in
getClientIPForLogging()
Returns the client IP and comma separated proxy IPs if any (HTTP_X_FORWARDED_FOR, HTTP_X_REAL_IP).
getClientIPForLogging() : string
Return values
string —client IP (e.g. 10.10.10.10,11.11.11.11)
getLamLdapUser()
Returns the login dn of the current user.
getLamLdapUser() : string
Return values
string —user DN
addSecurityTokenToSession()
Adds a security token to the session to prevent CSRF attacks.
addSecurityTokenToSession([bool $overwrite = true ]) : void
Parameters
- $overwrite : bool = true
-
overwrite existing token
Return values
void —validateSecurityToken()
Checks if the security token from SESSION matches POST data.
validateSecurityToken() : mixed
Return values
mixed —addSecurityTokenToMetaHTML()
Adds a hidden input field to the given meta HTML table.
addSecurityTokenToMetaHTML(htmlTable|htmlGroup|htmlResponsiveRow &$container) : mixed
Should be used to add token at the end of table.
Parameters
- $container : htmlTable|htmlGroup|htmlResponsiveRow
-
table
Return values
mixed —getSecurityTokenName()
Returns the name of the security token parameter.
getSecurityTokenName() : string
Return values
string —name
getSecurityTokenValue()
Returns the value of the security token parameter.
getSecurityTokenValue() : string
Return values
string —value
setLAMHeaders()
Sets the X-Frame-Options and Content-Security-Policy header to prevent clickjacking.
setLAMHeaders() : mixed
Return values
mixed —lamEncrypt()
Encrypts a string
lamEncrypt(string $data[, string $prefix = '' ]) : object
Parameters
- $data : string
-
string to encrypt
- $prefix : string = ''
-
prefix for cookie names
Return values
object —encrypted string
lamDecrypt()
Decrypts a string
lamDecrypt(object $data[, string $prefix = '' ]) : string
Parameters
- $data : object
-
string to decrypt
- $prefix : string = ''
-
prefix for cookie names
Return values
string —decrypted string
lamEncryptionAlgo()
Returns the encryption algorithm to use.
lamEncryptionAlgo() : string
Return values
string —algorithm name
lamLogRemoteMessage()
Logs a message to a remote logging service.
lamLogRemoteMessage(int $level, string $message, LAMCfgMain $cfgMain) : mixed
Parameters
- $level : int
-
log level
- $message : string
-
log message
- $cfgMain : LAMCfgMain
-
main configuration
Return values
mixed —isLAMProVersion()
Returns if this is a LAM Pro installation.
isLAMProVersion() : bool
Return values
bool —LAM Pro installation
getSelfServiceSearchAttributes()
Returns a list of possible search attributes for the self service.
getSelfServiceSearchAttributes(string $scope) : array<string|int, mixed>
Parameters
- $scope : string
-
account type
Return values
array<string|int, mixed> —attributes
getSelfServiceFieldSettings()
Returns the field settings for the self service.
getSelfServiceFieldSettings(string $scope) : array<string|int, mixed>
Parameters
- $scope : string
-
account type
Return values
array<string|int, mixed> —settings
getSelfServiceOptions()
Returns meta HTML code for each self service field.
getSelfServiceOptions(string $scope, array<string|int, mixed> $fields, array<string|int, mixed> $attributes, bool $passwordChangeOnly, array<string|int, mixed> $readOnlyFields) : array<string|int, mixed>
Parameters
- $scope : string
-
account type
- $fields : array<string|int, mixed>
-
input fields (array(<moduleName> => array(
, , ...))) - $attributes : array<string|int, mixed>
-
LDAP attributes (attribute names in lower case)
- $passwordChangeOnly : bool
-
indicates that the user is only allowed to change his password and no LDAP content is readable
- $readOnlyFields : array<string|int, mixed>
-
list of read-only fields
Return values
array<string|int, mixed> —meta HTML code (array(<moduleName> => htmlResponsiveRow))
checkSelfServiceOptions()
Checks if all input values are correct and returns the LDAP commands which should be executed.
checkSelfServiceOptions(string $scope, string $fields, array<string|int, mixed> $attributes, bool $passwordChangeOnly, array<string|int, mixed> $readOnlyFields) : array<string|int, mixed>
Parameters
- $scope : string
-
account type
- $fields : string
-
input fields (array(<moduleName> => array(
, , ...))) - $attributes : array<string|int, mixed>
-
LDAP attributes
- $passwordChangeOnly : bool
-
indicates that the user is only allowed to change his password and no LDAP content is readable
- $readOnlyFields : array<string|int, mixed>
-
list of read-only fields
Return values
array<string|int, mixed> —messages and LDAP commands (array('messages' => [], 'add' => [], 'del' => [], 'mod' => []))
getSelfServiceSettings()
Returns a hash array (module name => elements) of all module options for the configuration page.
getSelfServiceSettings(string $scope, selfServiceProfile $profile) : array<string|int, mixed>
Parameters
- $scope : string
-
account type
- $profile : selfServiceProfile
-
currently edited profile
Return values
array<string|int, mixed> —configuration options
checkSelfServiceSettings()
Checks if the self service settings are valid
checkSelfServiceSettings(string $scope, array<string|int, mixed> &$options, selfServiceProfile &$profile) : array<string|int, mixed>
Parameters
- $scope : string
-
account type
- $options : array<string|int, mixed>
-
hash array containing all options (name => array(...))
- $profile : selfServiceProfile
-
profile
Return values
array<string|int, mixed> —list of error messages
isSelfService()
Returns if script runs inside self service.
isSelfService() : bool
Return values
bool —is self service
openSelfServiceLdapConnection()
Opens the LDAP connection and returns the handle. No bind is done.
openSelfServiceLdapConnection(selfServiceProfile $profile) : handle
Parameters
- $profile : selfServiceProfile
-
profile
Return values
handle —LDAP handle or null if connection failed
bindLdapUser()
Binds the LDAP connections with given user and password.
bindLdapUser(handle $handle, mixed $profile, string $userDn, string $password) : bool
Parameters
- $handle : handle
-
LDAP handle
- $profile : mixed
- $userDn : string
-
bind DN
- $password : string
-
bind password
Return values
bool —binding successful
StatusMessage()
This function prints a short status message. It can be used to print INFO, WARN and ERROR messages.
StatusMessage(string $MessageTyp, string $MessageHeadline[, string $MessageText = '' ][, array<string|int, mixed> $MessageVariables = [] ][, bool $returnOutput = false ]) : string
Parameters
- $MessageTyp : string
-
The type of the message to be printed. It must be one of the following types: 'INFO', 'WARN' or 'ERROR'.
Every other type will lead to an error message indicating an invalid message type. - $MessageHeadline : string
-
The headline of the status message.
It may be formatted with special color/link/bold tags. - $MessageText : string = ''
-
The text of the status message.
It may be formatted with special color/link/bold tags. This parameter is optional. - $MessageVariables : array<string|int, mixed> = []
-
The variables that are used to replace the spacers (%s) in the submitted text. This parameter is optional.
- $returnOutput : bool = false
-
if set to true this function will return the generated HTML code instead of printing it directly (default: false)
Return values
string —HTML code if $returnOutput is set to true, otherwise null
getTools()
Returns the tools which are available for LAM.
getTools() : array<string|int, mixed>
Return values
array<string|int, mixed> —list of LAMTool objects