public/ws-vacation Changeset - r33:49ea552911f9

Changeset - r33:49ea552911f9

Parent rev.

Child rev.

[Not reviewed]

v0.9 default

0 4 1

Wolfgang Scherer (ws) - 12 years ago 2013-04-24 19:31:24
wolfgang.scherer@gmx.de

Functions test_readable/cat-file using sudo to allow home directories with permission 700.

5 files changed with 158 insertions and 11 deletions:

index.php

lib/config.php

lib/test_readable.sh

103

lib/util.php

lib/ws-vacation-sudo.in

0 comments (0 inline, 0 general)

index.php

➞

Show inline comments

 <?php // -*- php -*-
 // Copyright (C) 2012, Wolfgang Scherer, <Wolfgang.Scherer at gmx.de>
 // Sponsored by WIEDENMANN SEILE GMBH, http://www.wiedenmannseile.de
 //
 // This file is part of Wiedenmann Vacation.
 //
 // This program is free software; you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published
 // by the Free Software Foundation; either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful, but
 // WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 // General Public License for more details.
 //
 // You should have received a copy of the GNU General Public License
 // along with this program. If not, see <http://www.gnu.org/licenses/>,
 // or write to Wolfgang Scherer, <Wolfgang.Scherer at gmx.de>
 // $_REQUEST['_DEBUG_'] = 1;
 // --------------------------------------------------
 // |||:sec:||| Configuration
 // --------------------------------------------------
 require_once(dirname(__FILE__) . '/lib/util.php');
 require_once(dirname(__FILE__) . '/lib/template.php');
 // _DEBUG_ = 1 normal debugging
 // _DEBUG_ = 2 turn off administrator rights
 // _DEBUG_ = 3 provoke error #1
 // _DEBUG_ = 4 provoke error #2
 if (isset($_REQUEST['_DEBUG_'])) {
     $_debug = $_REQUEST['_DEBUG_'];
     if (empty($_debug)) {
         $_debug = 1;
+    }
 } else {
     $_debug = 0;
+}
 file_put_contents('/tmp/xxxxxxx', 'check');
 system('touch /tmp/xxxxxx1');
 // --------------------------------------------------
 // |||:sec:||| Setup
 // --------------------------------------------------
 if (isset($_SERVER["REMOTE_USER"])) {
     $remote_user = $_SERVER["REMOTE_USER"];
 } else {
     $remote_user = '';
+}
 if (isset($_REQUEST["user"])) {
     $request_user = $_REQUEST["user"];
 } else {
     $request_user = '';
+}
 $is_admin = in_array($remote_user, $ADMIN_USERS);
 if ($_debug > 1) {
     $is_admin = False;
+}
 // $is_admin = False;              // |:debug:|
 $users = get_users();
 $user_names = array_keys($users);
 if (!$is_admin) {
     $user = $remote_user;
 } else {
     $user = $request_user;
     if (empty($user)) {
         $user = $remote_user;
+    }
+}
 // --------------------------------------------------
 // |||:sec:||| HTML Header
 // --------------------------------------------------
 $title = get_text('title');
 $css = '
 div.error {
     margin-bottom: 10px;
+}
 span.label {
     width: 100px;
     display: inline-block;
     vertical-align: top;
+}
 hr.sep {
     width: 550px;
     text-align: left;
     margin-left: 0;
+}
 #body, #copyright-notice {
     width: 550px;
     margin: 10px auto;
     position:relative;
+}
 #body {
     text-align: left;
+}
 #copyright-notice {
     text-align: center;
     font-size: 8pt;
+}
 h4._more, h4._less {
     cursor: pointer;
+}
 h4._more:after {
     content: "...";
     font-weight: bold;
     padding-left: 4px;
+}
 h4._less:before {
     content: "^";
     font-weight: bold;
     padding-right: 4px;
+}
 ';
 $headers = '<script class="jsbin" src="http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js"></script>';
 $script ='
 jQuery(document).ready(function(){
     $("#expert-mode").click(function(ev) {
         ev.preventDefault();
         var jthis = $(this);
         var contents = jthis.next();
         if (contents.is(":visible")) {
             jthis.addClass("_more");
             jthis.removeClass("_less");
             contents.hide();
         } else {
             jthis.removeClass("_more");
             jthis.addClass("_less");
             contents.show();
+        }
         return false;
     }).click();
 });
 ';
 echo substitute_elements(
     $HEAD, Array(
         'title' => trim($title),
         'css' => trim($css),
         'headers' => trim($headers),
         'script' => trim($script),
         ));
 hl($title);
 // --------------------------------------------------
 // |||:sec:||| Error handling (User)
 // --------------------------------------------------
 if ($_debug > 2) {
     $user = '';                 // error #1
+}
 if ($_debug > 3) {
     $user = 'unknown';          // error #2
+}
 if (empty($user)) {
     error_msg(get_text('error_no_user'));
     echo $FOOT;
     exit(0);
+}
 if (!$is_admin && !in_array($user, $user_names)) {
     error_msg(sprintf('%s (%s)!', get_text('error_unknown_user'), $user));
     echo $FOOT;
     exit(0);
+}
 // --------------------------------------------------
 // |||:sec:||| Setup HOME/vacation(1)
 // --------------------------------------------------
 $home = $users[$user][1];
 if ($_debug) {
     echo ('<pre>'."\n");            // |:debug:|
     echo ('user: ' . $user . "\n");
     echo ('home: ' . $home . "\n");
     echo ('</pre>'."\n");
+}
 $vacation_msg_file = sprintf('%s/%s', $home, $VACATION_MSG_FILE);
 $vacation_db_file = sprintf('%s/%s', $home, $VACATION_DB_FILE);
 $forward_file = sprintf('%s/%s', $home, $FORWARD_FILE);
-$forward_active = file_exists($forward_file);
+$forward_active = test_readable($forward_file, $user);
 $forward_settings = Array(
     '\\'.$user, '', sprintf($VACATION_FORWARD_ENTRY, $user));
 if ($forward_active)
+{
-    $forward_settings = file_get_contents($forward_file);
+    $forward_settings = cat_file($forward_file, $user);
     $lines = explode("\n", $forward_settings);
     $forward_settings = preg_split('/, */', $lines[0]);
     if (count($forward_settings) < 3) {
         $forward_settings[2] = $forward_settings[1];
         $forward_settings[1] = '';
+    }
+}
 $vacation_setup_raw = isset($_REQUEST["raw"]);
 $vacation_clear = isset($_REQUEST['clear']);
-if ($vacation_clear || !file_exists($vacation_msg_file)) {
+if ($vacation_clear || !test_readable($vacation_msg_file, $user)) {
     // Reset to default
     $vacation_msg = get_text('vacation');
     $vacation_parts = vacation_split($vacation_msg, False);
     $vacation_subject = $vacation_parts[0];
     $vacation_body = $vacation_parts[2];
     $vacation_msg = vacation_join($vacation_subject, $vacation_body);
     $vacation_setup_raw = False;
 } else {
-    $vacation_msg = file_get_contents($vacation_msg_file);
+    $vacation_msg = cat_file($vacation_msg_file, $user);
+}
 $message_parts = message_split($vacation_msg);
 $message_headers = $message_parts[0];
 $message_body = $message_parts[1];
 $x_wsv_format = header_field_body($message_headers, 'x-wsv-format');
 if ( $x_wsv_format == 'raw' ) {
     $x_wsv_raw = True;
 } else {
     $x_wsv_raw = False;
+}
 if ( $x_wsv_raw )
+{
     $vacation_headers = $message_headers;
     $vacation_body = $message_body;
     $vacation_subject = header_field_body($vacation_headers, 'subject');
 } else {
     $vacation_parts = vacation_split($vacation_msg, True);
     $vacation_subject = $vacation_parts[0];
     $vacation_headers = $vacation_parts[1];
     $vacation_body = $vacation_parts[2];
+}
 $vacation_refresh = isset($_REQUEST['refresh']);
 $vacation_forward_to = '';
 if ( !$vacation_refresh && !$vacation_clear && isset($_REQUEST['forward']) ) {
     $vacation_forward_to =  $_REQUEST['forward'];
 } else {
     $vacation_forward_to = $forward_settings[1];
     $vacation_forward_to = preg_replace('/^\\\\/', '', $vacation_forward_to);
     if (empty($vacation_forward_to)) {
         $vacation_forward_to = vacation_find_forward($vacation_headers);
+    }
+}
 // --------------------------------------------------
 // |||:sec:||| Set vacation(1) parameters
 // --------------------------------------------------
 $vacation_setup = isset($_REQUEST['save']);
 if ( $vacation_setup ) {
     // |:check:| redundant?
     $vacation_setup_raw = False;
+}
 $vacation_del_log = isset($_REQUEST['delete']);
 if ( $vacation_del_log ) {
     if ( !isset($_REQUEST['subject']) ) {
         $vacation_setup_raw = True;
+    }
+}
 if ($vacation_setup || $vacation_setup_raw || $vacation_del_log) {
     $forward_active = isset($_REQUEST['active']);
     // validate forward to
     if ($vacation_forward_to == $user) {
         $vacation_forward_to = '';
+    }
     $forward_settings = Array(
         '\\'.$user, $vacation_forward_to,
         sprintf($VACATION_FORWARD_ENTRY, $user));
     if ( $vacation_setup_raw ) {
         $vacation_msg = isset($_REQUEST['message']) ? trim($_REQUEST['message']) : '';
         $message_parts = message_split($vacation_msg);
         $vacation_headers = header_clean($message_parts[0]);
         $vacation_body = $message_parts[1];
         $vacation_subject = header_field_body($vacation_headers, 'subject');
         header_set($vacation_headers, 'X-WSV-Format: raw');
         $x_wsv_raw = True;
     } else {
         $vacation_subject = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
         $vacation_body = isset($_REQUEST['body']) ? trim($_REQUEST['body']) : '';
         $vacation_headers = Array();
         $x_wsv_raw = False;
+    }
     while (True) {
         if ($vacation_del_log) {
             system(sprintf(
                        '%s -u %s %s %s -i',
                        $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD));
             break;
+        }
         if (empty ($vacation_subject)) {
             error_msg(get_text('error_no_subject'));
             break;
+        }
         if (!$is_admin && !empty($vacation_forward_to) && !in_array($vacation_forward_to, $user_names)) {
             error_msg(sprintf('%s (%s)!', get_text('error_unknown_forward'), $vacation_forward_to));
             break;
+        }
         // Actually set it
         // Prepare vacation(1) message
         if (!empty($vacation_forward_to)) {
             header_set($vacation_headers, sprintf('X-WSV-Forward-To: %s', $vacation_forward_to));
+        }
         if ( $vacation_setup_raw ) {
             $vacation_msg = message_join($vacation_headers, $vacation_body);
             // echo "<pre>"; // |:debug:|
             // var_dump($vacation_headers);
             // var_dump($vacation_body);
             // echo $vacation_msg;
             // echo "</pre>";
         } else {
             $vacation_msg = vacation_join($vacation_subject, $vacation_body, $vacation_headers);
+        }
         $vacation_msg_pipe = popen(sprintf(
                   '%s -u %s %s %s %s',
                   $SUDO_CMD, $user, $SUDO_OPT_H, $WRITE_TO_CMD, $vacation_msg_file),
             'w');
         fwrite($vacation_msg_pipe, $vacation_msg);
         pclose($vacation_msg_pipe);
         // Initialize vacation(1) if necessary.
-        if (!file_exists($vacation_db_file)) {
+        if (!test_readable($vacation_db_file, $user)) {
             system(sprintf(
                        '%s -u %s %s %s -i',
                        $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD));
+        }
         // Write or remove .forward file
         if ($forward_active) {
             $use_fs = Array();
             foreach ($forward_settings as $fs) {
                 if (empty($fs)) {
                     continue;
+                }
                 $use_fs[] = $fs;
+            }
             $forward_file_pipe = popen(sprintf(
                       '%s -u %s %s %s %s',
                       $SUDO_CMD, $user, $SUDO_OPT_H, $WRITE_TO_CMD, $forward_file),
                 'w');
             fwrite($forward_file_pipe, implode(", ", $use_fs)."\n");
             pclose($forward_file_pipe);
         } else {
             system(sprintf(
                        '%s -u %s %s /bin/rm -f %s',
                        $SUDO_CMD, $user, $SUDO_OPT_H, $forward_file));
                        '%s -u %s %s %s %s',
                        $SUDO_CMD, $user, $SUDO_OPT_H, $RM_CMD, $forward_file));
+        }
         break;
+    }
+}
 // echo ('<pre>'."\n");            // |:debug:|
 // echo ($vacation_forward_to);
 // var_dump($forward_settings);
 // echo ('</pre>'."\n");
 // --------------------------------------------------
 // |||:sec:||| User Interface
 // --------------------------------------------------
 $form = Array();
 //$form[] = '<hr class="sep"/>';
 $form[] = '<form action="index.php" method="post">';
 $form[] = '<div>';
 if ($_debug) {
     $form[] = sprintf(
         '<input type="hidden" name="_DEBUG_" value="%s" />', $_debug);
+}
 // Retrieval
 $form[] = '<span class="label">';
 $form[] = sprintf('<input type="submit" name="refresh" value="%s" />', get_text('refresh'));
 $form[] = sprintf('<br /><input type="submit" name="clear" value="%s" />', get_text('clear'));
 $form[] = '</span>';
 // column names
 $form[] = '<div style="display: inline-block; padding: 0; margin: 0;"><table border="0" cellspacing="0" cellpadding="2" style="width: 445px; vertical-align: top;">';
 $trow = Array();
 $trow[] = get_text('user');
 $trow[] = get_text('forward_to');
 $trow[] = get_text('active');
 $form[] = sprintf('<tr><th style="text-align: center;">&nbsp;%s&nbsp;</th></tr>', implode($trow, '&nbsp;</th><th style="text-align: center;">&nbsp;'));
 $trow = Array();
 // user
 $user_control = Array();
 if ($is_admin) {
     $user_control[] = '<select name="user">';
     foreach ($user_names as $sel_user) {
         if ($sel_user == $user) {
             $selected = ' selected="selected"';
         } else {
             $selected = '';
+        }
         $user_control[] = sprintf('<option%s>%s</option>', $selected, $sel_user);
+    }
     $user_control[] = '</select>';
     $user_control = implode($user_control, "\n");
 } else {
     $user_control = sprintf(
         '<input type="hidden" name="user" value="%s" />%s', $user, $user);
+}
 $trow[] = $user_control;
 // forward
 $user_control = Array();
 $user_control[] = '<select name="forward">';
 $user_control[] = sprintf('<option value="">%s</option>', get_text('none'));
 $selected = '';
 foreach ($user_names as $sel_user) {
     if (!$is_admin && $sel_user == $user) {
         continue;
+    }
     if ($sel_user == $vacation_forward_to) {
         $selected = ' selected="selected"';
     } else {
         $selected = '';
+    }
     $user_control[] = sprintf('<option%s>%s</option>', $selected, $sel_user);
+}
 $user_control[] = '</select>';
 $user_control = implode($user_control, "\n");
 $trow[] = $user_control;
 // active checkbox
 $user_control = Array();
 if ($forward_active) {
     $active_checked = ' checked="checked"';
 } else {
     $active_checked = '';
+}
 $user_control[] = sprintf('<input type="checkbox" name="active" value="active"%s /><br />',
                           $active_checked);
 $user_control = implode($user_control, "\n");
 $trow[] = $user_control;
 $form[] = sprintf('<tr><td style="text-align: center;">%s</td></tr>', implode($trow, '</td><td style="text-align: center;">'));
 $form[] = '</table></div><br />';
 $text_rows = 10;
 // $text_rows = 3;                // |:debug:|
 if ( !$x_wsv_raw )
+{
     $form[] = sshl(get_text('automatic_mode'));
     // subject
     $form[] = sprintf('<span class="label">%s<sup>*</sup>:</span>', get_text('subject'));
     $form[] = (
         '<input type="text" name="subject" value="' . htmlspecialchars($vacation_subject, ENT_COMPAT, "UTF-8")
         .'" size="49" style="width: 440px;" /><br />');
     // message
     $form[] = sprintf('<span class="label">%s<sup>*</sup>:</span>', get_text('body'));
     $form[] = (
         '<textarea name="body" cols="56" rows="'.$text_rows.'"'
         .' style="vertical-align: top; width: 440px;">' . htmlspecialchars($vacation_body, ENT_NOQUOTES, "UTF-8") . '</textarea><br />');
     // actions
     $form[] = '<hr class="sep"/>';
     $form[] = '<span class="label">&nbsp;</span>';
     $form[] = sprintf('<input type="submit" name="save" value="%s" />', get_text('save'));
     //$form[] = ' ' . get_text('enable_encoding');
     $form[] = '<hr class="sep"/>';
+}
 if ($x_wsv_raw || $EXPERT_ENABLED)
+{
     if ( $x_wsv_raw ) {
         $text_rows = 15;
         $id = null;
     } else {
         $text_rows = 5;
         $id = 'expert-mode';
+    }
     $form[] = sshl(get_text('expert_mode'), $id);
 #    $form[] = sshl('<a href="#">'.get_text('expert_mode').'</a>', 'expert-mode-head');
     $form[] = '<div>';
     // raw message
     $form[] = sprintf('<span class="label">%s<sup>*</sup>:</span>', get_text('message'));
     $form[] = (
         '<textarea name="message" cols="56" rows="'.$text_rows.'"'
         .' style="vertical-align: top; width: 440px;">' . htmlspecialchars($vacation_msg, ENT_NOQUOTES, "UTF-8") . '</textarea><br />');
     $form[] = '<span class="label">&nbsp;</span>';
     $form[] = (
         '<span style="display: inline-block; width: 440px; margin-top: 5px; font-size: 8pt;">'
         . get_text('explain_expert')
         .'</span><br />');
     $form[] = '<hr class="sep"/>';
     $form[] = '<span class="label">&nbsp;</span>';
     $form[] = sprintf('<input type="submit" name="raw" value="%s" />', get_text('save'));
     //$form[] = ' ' . get_text('disable_encoding');
     $form[] = '<hr class="sep"/>';
     $form[] = '</div>';
+}
 //$form[] = '<span class="label">&nbsp;</span>';
 $form[] = (
     '<span style="display: inline-block; width: 550px;"><sup>*</sup>'
     . get_text('explain_subject')
     .'</span><br />');
 // --------------------------------------------------
 // |||:sec:||| Vacation History
 // --------------------------------------------------
 $vacation_list_cmd = sprintf(
     '%s -u %s %s %s -l', $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD);
 // echo ('<pre>'."\n");
 // echo ($vacation_list_cmd);
 // echo ('</pre>'."\n");
 $vacation_ausgabe = popen ($vacation_list_cmd, 'r');
 $vacation_list = stream_get_contents($vacation_ausgabe);
 pclose($vacation_ausgabe);
 if (!empty ($vacation_list)) {
     $form[] = shl(get_text('reply_history'));
     // $form[] = '<hr class="sep"/>';
     $form[] = '<pre>';
     $form[] = $vacation_list;
     $form[] = '</pre>';
     $form[] = '<hr class="sep"/>';
     $form[] = '<span class="label">&nbsp;</span>';
     $form[] = sprintf('<input type="submit" name="delete" value="%s" /><br />', get_text('delete'));
     if ($is_admin) {
         $form[] = ('<hr class="sep"/>');
+    }
 } else {
     $form[] = shl(get_text('reply_history_empty'));
+}
 $form[] = '</div>';
 $form[] = '</form>';
 echo implode($form, "\n");
 // --------------------------------------------------
 // |||:sec:||| Administrator Manual
 // --------------------------------------------------
 if ($is_admin) {
     echo shl(get_text('manual_headline'));
     echo (sprintf('<a href="%s">%s</a><br />'."\n", get_text('manual_link'), get_text('manual')));
+}
 // --------------------------------------------------
 // |||:sec:||| Debug
 // --------------------------------------------------
 if ($_debug) {
     echo "<pre>\n";                 // |:debug:|
     echo "\$_REQUEST: \n";
     var_dump($_REQUEST);
     echo "</pre>\n";
     echo "\$_SERVER: \n";
     echo "<pre>\n";                 // |:debug:|
     var_dump($_SERVER);
     echo "</pre>\n";
+}
 echo $FOOT;
 //
 // :ide-menu: Emacs IDE Menu - Buffer @BUFFER@
 // . M-x `eIDE-menu' ()(eIDE-menu "z")
 // :ide: COMPILE: PHP _DEBUG_=2 _DEBUG_TEST_=2
 // . (compile (concat "php " (file-name-nondirectory (buffer-file-name)) " _DEBUG_=2 _DEBUG_TEST_=2"))
 // :ide: QUO: $this->
 // . (insert "$this->" )
 // :ide: COMPILE: PHP w/o args
 // . (compile (concat "php " (file-name-nondirectory (buffer-file-name)) ""))
 // :ide: COMPILE: PHP _DEBUG_=1 _DEBUG_TEST_=1
 // . (compile (concat "php " (file-name-nondirectory (buffer-file-name)) " _DEBUG_=1 _DEBUG_TEST_=1"))
 //
 // Local Variables:
 // mode: php
 // End:
 ?>

lib/config.php

➞

Show inline comments

 <?php // -*- php -*-
 // Copyright (C) 2012, Wolfgang Scherer, <Wolfgang.Scherer at gmx.de>
 // Sponsored by WIEDENMANN SEILE GMBH, http://www.wiedenmannseile.de
 //
 // This file is part of Wiedenmann Vacation.
 //
 // This program is free software; you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published
 // by the Free Software Foundation; either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful, but
 // WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 // General Public License for more details.
 //
 // You should have received a copy of the GNU General Public License
 // along with this program. If not, see <http://www.gnu.org/licenses/>,
 // or write to <Wolfgang.Scherer at gmx.de>
 // $_REQUEST['_DEBUG_'] = 1;
 // --------------------------------------------------
 // |||:sec:||| CONFIGURATION
 // --------------------------------------------------
 // All users in $PASSWD_FILE, whose user ID >= $USER_ID_MIN and <=
 // $USER_ID_MAX are considered:
 // 1. If the user appears in $ALLOWED_USERS, he is always included
 // 2. If the HOME directory does not start with $HOME_PFX, the user is ignored
 // 3. If the user appears in $INVALID_USERS, he is ignored
 // 4. The user is authorized.
 // Alle Benutzer in $PASSWD_FILE, deren User ID >= $USER_ID_MIN und <=
 // $USER_ID_MAX werden in Betracht gezogen:
 // 1. Falls der Benutzer in $ALLOWED_USERS angegeben ist, wird er immer zugelassen.
 // 2. Wenn das HOME-Verzeichnis nicht mit $HOME_PFX beginnnt, wird der Benutzer nicht zugelasssen.
 // 3. Wenn der Benutzer in $INVALID_USERS angegeben ist, wird er nicht zugelasssen.
 // 4. Der Benutzer wird zugelassen.
 // User which are always allowed.
 // If the user appears in $PASSWD_FILE, he is always enabled.
 $ALLOWED_USERS = Array(
     );
 // Invalid users.
 // These users are always ignored.
 $INVALID_USERS = Array(
     'clamav',
     'elektriker',
     'info',
     'postman',
     'vmail',
     );
 // Administrators can modify the settings of all users.
 $ADMIN_USERS = Array(
     'js',
     'sw',
     'ws',
     );
 $LANGUAGE = 'en';
 $LANGUAGE = 'de';
 $PASSWD_FILE = '/etc/passwd';
 $SHADOW_FILE = '/etc/shadow';
 $HTPASSWD_FILE = '.htpasswd';
 $HOME_PFX = '/home/';
 $USER_ID_MIN = 1000;
 $USER_ID_MAX = 60000;
 $SUDO_CMD = '/usr/bin/sudo';
 $SUDO_OPT_H = ' -H';
 $TEST_CMD = dirname(__FILE__) . '/test_readable.sh';
 $RM_CMD = '/bin/rm -f';
 $CAT_CMD = '/bin/cat';
 $WRITE_TO_CMD = dirname(__FILE__) . '/write_to.sh';
 $FORMAIL_CMD = '/usr/bin/formail';
 $VACATION_CMD = '/usr/bin/vacation';
 $VACATION_MSG_FILE = '.vacation.msg';
 $VACATION_DB_FILE = '.vacation.db';
 $VACATION_FORWARD_ENTRY = sprintf('"| %s -c | %s %%s"', $FORMAIL_CMD, $VACATION_CMD); // use sprintf($VFE, $user);
 $FORWARD_FILE = '.forward';
 $EXPERT_ENABLED = True;
 $HEADER_REMOVE = Array(
     'bcc',
     'cc',
     'date',
     'delivered-to',
     'message-id',
     'received',
     'return-path',
     'to',
     'user-agent',
     'references',
     'in-reply-to',
     );
 //
 // :ide-menu: Emacs IDE Menu - Buffer @BUFFER@
 // . M-x `eIDE-menu' ()(eIDE-menu "z")
 // :ide: COMPILE: PHP _DEBUG_=2 _DEBUG_TEST_=2
 // . (compile (concat "php " (file-name-nondirectory (buffer-file-name)) " _DEBUG_=2 _DEBUG_TEST_=2"))
 // :ide: QUO: $this->
 // . (insert "$this->" )
 // :ide: COMPILE: PHP w/o args
 // . (compile (concat "php " (file-name-nondirectory (buffer-file-name)) ""))
 // :ide: COMPILE: PHP _DEBUG_=1 _DEBUG_TEST_=1
 // . (compile (concat "php " (file-name-nondirectory (buffer-file-name)) " _DEBUG_=1 _DEBUG_TEST_=1"))
 //
 // Local Variables:
 // mode: php
 // End:
 ?>

lib/test_readable.sh

➞

Show inline comments

@@ new file 100755 @@
 #!/bin/sh
 # test_readable.sh - check whether file exists and is readable
 # usage: test_readable.sh file
 # Copyright (C) 2013, Wolfgang Scherer, <Wolfgang.Scherer at gmx.de>
 # Sponsored by WIEDENMANN SEILE GMBH, http://www.wiedenmannseile.de
+#
 # This file is part of Wiedenmann Vacation.
+#
 :  # script help
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful, but
 # WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 # General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see <http://www.gnu.org/licenses/>,
 # or write to Wolfgang Scherer, <Wolfgang.Scherer at gmx.de>
 # (progn (forward-line 1) (snip-insert "gen_hd-configuration" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh_b.prog-path" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh_b.config.sh" t t "sh") (insert ""))
 # --------------------------------------------------
 # |||:sec:||| FUNCTIONS
 # --------------------------------------------------
 usage ()
+{
     script_help="script-help"
     ( "${script_help}" ${1+"$@"} "${0}" ) 2>/dev/null \
     || ${SED__PROG-sed} -n '3,/^[^#]/{;/^[^#]/d;p;}' "${0}";
+}
 ## (progn (forward-line 1) (snip-insert "sh_f.hl" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh_f.vexec" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh_wsrfid.f.config_dump" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh.scr.sed" t t "sh") (insert "\n"))
 ## (progn (forward-line 1) (snip-insert "sh.scr.awk" t t "sh") (insert "\n"))
 ## (progn (forward-line 1) (snip-insert "sh.scr.perl" t t "sh") (insert "\n"))
 ## (progn (forward-line 1) (snip-insert "sh.scr.python" t t "sh") (insert "\n"))
 # (progn (forward-line 1) (snip-insert "sh_b.opt-loop" t t "sh") (insert "\n"))
 test x"${1+set}" = xset && \
 case "${1}" in
 -\?|-h|--help) usage; exit 0;;
 --docu) usage --full; exit 0;;
 esac
 # --------------------------------------------------
 # |||:sec:||| MAIN
 # --------------------------------------------------
 # |:here:|
 ## (progn (forward-line 1) (snip-insert-mode "sh.b.wrf.loop" t t) (insert "\n"))
 if test -r "${1}"
 then
     printf "yes\n"
 else
     printf "no\n"
 fi
 exit # |||:here:|||
+#
 # :ide-menu: Emacs IDE Main Menu - Buffer @BUFFER@
 # . M-x `eIDE-menu' (eIDE-menu "z")
 # :ide: OCCUR-OUTLINE: Sections: `||: sec :||'
 # . (x-symbol-tag-occur-outline "sec" '("||:" ":||") '("|:" ":|"))
 # :ide: MENU-OUTLINE:  Sections `||: sec :||'
 # . (x-eIDE-menu-outline "sec" '("||:" ":||") '("|:" ":|"))
 # :ide: +-#+
 # . Buffer Outline Sections ()
 # :ide: SHELL: Run with --docu
 # . (progn (save-buffer) (shell-command (concat "sh " (file-name-nondirectory (buffer-file-name)) " --docu")))
 # :ide: SHELL: Run with --help
 # . (progn (save-buffer) (shell-command (concat "sh " (file-name-nondirectory (buffer-file-name)) " --help")))
 # :ide: SHELL: Run w/o args
 # . (progn (save-buffer) (shell-command (concat "sh " (file-name-nondirectory (buffer-file-name)) " ")))
+#
 # Local Variables:
 # mode: sh
 # comment-start: "#"
 # comment-start-skip: "#+"
 # comment-column: 0
 # End:
 # mmm-classes: (here-doc ide-entries)

lib/util.php

➞

Show inline comments

 <?php // -*- php -*-
 // Copyright (C) 2012, Wolfgang Scherer, <Wolfgang.Scherer at gmx.de>
 // Sponsored by WIEDENMANN SEILE GMBH, http://www.wiedenmannseile.de
 //
 // This file is part of Wiedenmann Vacation.
 //
 // This program is free software; you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published
 // by the Free Software Foundation; either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful, but
 // WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 // General Public License for more details.
 //
 // You should have received a copy of the GNU General Public License
 // along with this program. If not, see <http://www.gnu.org/licenses/>,
 // or write to <Wolfgang.Scherer at gmx.de>
 // $_REQUEST['_DEBUG_'] = 1;
 // $_REQUEST['_DEBUG_TEST_'] = 1;
 require_once(dirname(__FILE__) . '/../lib/config.php');
 require_once(dirname(__FILE__) . '/../lib/language.php');
 // --------------------------------------------------
 // |||:sec:||| Files
 // --------------------------------------------------
 function test_readable($file, $user)
+{
     global $SUDO_CMD, $SUDO_OPT_H, $TEST_CMD;
     $test_cmd = sprintf(
         "%s -u %s %s %s '%s'",
         $SUDO_CMD, $user, $SUDO_OPT_H, $TEST_CMD, $file);
     $test_ausgabe = popen ($test_cmd, 'r');
     $result = stream_get_contents($test_ausgabe);
     pclose($test_ausgabe);
     return (trim($result) == 'yes');
+}
 function cat_file($file, $user)
+{
     global $SUDO_CMD, $SUDO_OPT_H, $CAT_CMD;
     $cat_cmd = sprintf(
         "%s -u %s %s %s '%s'",
         $SUDO_CMD, $user, $SUDO_OPT_H, $CAT_CMD, $file);
     $cat_ausgabe = popen ($cat_cmd, 'r');
     $result = stream_get_contents($cat_ausgabe);
     pclose($cat_ausgabe);
     return $result;
+}
 // --------------------------------------------------
 // |||:sec:||| Benutzer
 // --------------------------------------------------
 function get_users()
+{
     global $PASSWD_FILE;
     global $USER_ID_MIN;
     global $USER_ID_MAX;
     global $ALLOWED_USERS;
     global $INVALID_USERS;
     global $HOME_PFX;
     $passwd = file_get_contents($PASSWD_FILE);
     $lines = explode("\n", $passwd);
     $users = Array();
     //var_dump($lines);
     foreach ($lines as $line) {
         if (empty($line)) {
             continue;
+        }
         $fields = explode(':', $line);
         $user = $fields[0];
         $uid = $fields[2];
         $home = $fields[5];
         // uncoditionally accept allowed users
         if (!in_array($user, $ALLOWED_USERS)) {
             if ($uid < $USER_ID_MIN || $uid > $USER_ID_MAX) {
                 // skip users with a user id outside the allowed range
                 continue;
+            }
             $home_pos = strpos($home, $HOME_PFX);
             if ($home_pos === false || $home_pos > 0) {
                 // skip users without a HOME directory
                 continue;
+            }
             if (in_array($user, $INVALID_USERS)) {
                 // skip invalid users
                 continue;
+            }
+        }
         $users[$user] = Array($user, $home);
+    }
     ksort($users);
     return $users;
+}
 function make_htpasswd()
+{
     global $SHADOW_FILE;
     global $HTPASSWD_FILE;
     $users = get_users();
     $user_names = array_keys($users);
     $shadow = file_get_contents($SHADOW_FILE);
     $lines = explode("\n", $shadow);
     $pw_ent = Array();
     //var_dump($lines);
     foreach ($lines as $line) {
         if (empty($line)) {
             continue;
+        }
         $fields = explode(':', $line);
         $user = $fields[0];
         $pass = $fields[1];
         if (in_array($user, $user_names)) {
             $pw_ent[] = sprintf('%s:%s', $user, $pass);
+        }
+    }
     $htpwd = fopen($HTPASSWD_FILE, 'w');
     fwrite($htpwd, implode($pw_ent, "\n"));
     fclose($htpwd);
+}
 // --------------------------------------------------
 // |||:sec:||| substitute_elements
 // --------------------------------------------------
 // |:check:| syntax error on PHP 5.2.x (mecki)
 // class substitute_elements_check
 // {
 //     const _doc_ = <<<'DOC'
 // Markierungen in String ersetzen.
 // function substitute_elements ($string, $substitutions=array(), $keep_unknown=NULL, $pfx='@', $sfx=NULL)
 // Falls eine Markierung gefunden wurde, die nicht in $substitutions
 // enthalten ist, wird sie durch einen leeren String ersetzt, falls
 // $keep_unknown == false, andernfalls wird die Markierung
 // unverändert beibehalten.
 // Ist $keep_unknown == NULL (Standardwert), dann wird es auf
 // isset($_REQUEST['_DEBUG_']) gesetzt. Im Debug-Modus werden die
 // Markierungen also beibehalten im Normal-Modus nicht.
 // DOC;
 //     const _check_ = <<<'CHECK'
 // global $BRNL;
 // $string = 'Eine @Ersetzung@ an @dieser@ Stelle.' . $BRNL;
 // $substitutions = array(
 //     'Ersetzung' => 'neue Sache',
 //     );
 // echo substitute_elements($string, $substitutions, True);
 // echo substitute_elements($string, $substitutions, False);
 // CHECK;
 //     static $_check_output_;
 // }
 function substitute_elements (
     $string, $substitutions=array(), $keep_unknown=NULL, $pfx='@', $sfx=NULL)
+{
     if ( !isset($keep_unknown) )
+    {
         $keep_unknown = isset($_REQUEST['_DEBUG_']);
+    }
     if ( !isset($sfx) )
+    {
         $sfx = $pfx;
+    }
     $subst_rx = $pfx . '([^' . substr($sfx, 0, 1) . ']+)' .$sfx;
     $parts = preg_split('/' . $subst_rx . '/', $string);
     //hline();
     //$d->c()->kva($parts)->p();
     $subst_keys = Array();
     preg_match_all('/' . $subst_rx . '/', $string,
                    $subst_keys, PREG_PATTERN_ORDER);
     $subst_keys = $subst_keys[1];
     //hline();
     //$d->c()->kva($subst_keys)->p();
     $result = Array();
     $indx = 0;
     foreach ($parts as $part)
+    {
         // pdkv('// $part '."$indx", $part);
         $result[] = $part;
         if ( array_key_exists($indx, $subst_keys))
+        {
             $subst_key = $subst_keys[$indx];
             if (array_key_exists($subst_key, $substitutions))
+            {
                 $result[] = $substitutions[$subst_key];
+            }
             else if ( $keep_unknown )
+            {
                 $result[] = $pfx . $subst_key . $sfx;
+            }
             // pdkv('// $subst_key', $subst_key);
+        }
         $indx += 1;
+    }
     $result = implode('', $result);
     return $result;
+}
 // --------------------------------------------------
 // |||:sec:||| Language Support
 // --------------------------------------------------
 if (!array_key_exists($LANGUAGE, $LC_LANGUAGES)) {
     $LANGUAGE = 'en';
+}
 $LC_MESSAGES_EN = $LC_LANGUAGES['en'];
 $LC_MESSAGES = $LC_LANGUAGES[$LANGUAGE];
 if ( True && isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
+{
     $accept_language = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
     $accept_language = preg_replace('/;[^,;]*/', '', $accept_language);
     $preferred_languages = explode(',', $accept_language);
     // if (isset($_REQUEST['_DEBUG_'])) {
     //     var_dump($preferred_languages);
     // }
     foreach ($preferred_languages as $plang) {
         if (array_key_exists($plang, $LC_LANGUAGES)) {
             $LC_MESSAGES = $LC_LANGUAGES[$plang];
             break;
+        }
+    }
+}
 function get_text($text)
+{
     global $LC_MESSAGES_EN;
     global $LC_MESSAGES;
     if ( !array_key_exists($text, $LC_MESSAGES))
+    {
         if ( array_key_exists($text, $LC_MESSAGES_EN) )
+        {
             return $LC_MESSAGES_EN[$text];
+        }
         return $text;
+    }
     return $LC_MESSAGES[$text];
+}
 // --------------------------------------------------
 // |||:sec:||| Überschrift/Fehlermeldung
 // --------------------------------------------------
 function shl($message)
+{
     return sprintf('<h3>%s</h3>', $message);
+}
 function sshl($message, $id=null)
+{
     if ( isset($id) ) {
         $id_fmt = sprintf(' id="%s"', $id);
     } else {
         $id_fmt = '';
+    }
     return sprintf('<h4%s>%s</h4>', $id_fmt, $message);
+}
 function hl($message)
+{
     echo shl($message)."\n";
+}
 function error_msg($message)
+{
     echo sprintf('<div class="error"><strong>%s</strong></div>'."\n", $message);
+}
 // --------------------------------------------------
 // |||:sec:||| vaccation(1) message
 // --------------------------------------------------
 // 2.2. Header Fields
 //    Header fields are lines beginning with a field name, followed by a
 //    colon (":"), followed by a field body, and terminated by CRLF.  A
 //    field name MUST be composed of printable US-ASCII characters (i.e.,
 //    characters that have values between 33 and 126, inclusive), except
 //    colon.  A field body may be composed of printable US-ASCII characters
 //    as well as the space (SP, ASCII value 32) and horizontal tab (HTAB,
 //    ASCII value 9) characters (together known as the white space
 //    characters, WSP).  A field body MUST NOT include CR and LF except
 //    when used in "folding" and "unfolding", as described in section
 //    2.2.3.  All field bodies MUST conform to the syntax described in
 //    sections 3 and 4 of this specification.
 function message_split($message)
+{
     $lines = explode("\n", ltrim($message));
     $headers = Array();
     $body = '';
     $check_from = True;
     $current_field = '';
     while (True) {
         $line = array_shift($lines);
         $tline = trim($line);
         if (empty($tline)) {
             break;
+        }
         if ($check_from) {
             $check_from = False;
             if ( preg_match('/^From /', $line) ) {
                 continue;
+            }
+        }
         $matches = Array();
         if ( preg_match('/(^[!-~]+):/', $line, $matches)) {
             $current_field = strtolower($matches[1]);
             $headers[$current_field] = $line;
             continue;
+        }
         if (!empty($current_field))
+        {
             $headers[$current_field] .= "\n" . $line;
             continue;
+        }
         $headers[] = $line;
+    }
     $body = implode($lines, "\n");
     global $_debug;
     if ( $_debug ) {
         echo "<pre>\n";
         echo "--------------------------------------------------\n";
         echo "headers\n";
         echo "--------------------------------------------------\n";
         var_dump($headers);
         echo "--------------------------------------------------\n";
         echo "body\n";
         echo "--------------------------------------------------\n";
         var_dump($body);
         echo "</pre>\n";
+    }
     return Array($headers, $body);
+}
 function message_join($headers, $body)
+{
     return sprintf("%s\n\n%s", implode($headers, "\n"), $body);
+}
 function header_set(&$headers, $header)
+{
     $matches = Array();
     if (preg_match('/^([!-~]+):/', $header, $matches)) {
         $headers[$matches[1]] = trim($header);
+    }
+}
 function header_field_body(&$headers, $field_name)
+{
     if (array_key_exists($field_name, $headers)) {
         $field = $headers[$field_name];
         $field_body = preg_replace('/^[^:]+: */', '', $field);
     } else {
         $field_body = '';
+    }
     return $field_body;
+}
 function header_clean(&$headers)
+{
     global $HEADER_REMOVE;
     $clean_headers = Array();
     foreach ($headers as $field_name => $field) {
         if ( substr($field_name, 0 , 2) == 'x-' )
+        {
             continue;
+        }
         if (in_array($field_name, $HEADER_REMOVE))
+        {
             continue;
+        }
         $clean_headers[$field_name] = $field;
+    }
     return $clean_headers;
+}
 if (!function_exists("quoted_printable_encode")) {
     // only available with PHP >= 5.3.0
     if (function_exists("imap_8bit")) {
         function quoted_printable_encode($string) {
             return imap_8bit($string);
+        }
     } else {
         /**
          * Process a string to fit the requirements of RFC2045 section 6.7. Note that
          * this works, but replaces more characters than the minimum set. For readability
          * the spaces and CRLF pairs aren't encoded though.
          */
         function quoted_printable_encode($string) {
             $string = str_replace(array('%20', '%0D%0A', '%'), array(' ', "\r\n", '='), rawurlencode($string));
             $string = preg_replace('/[^\r\n]{73}[^=\r\n]{2}/', "$0=\r\n", $string);
             return $string;
+        }
+    }
+}
 // there should be no need ... quoted_printable_decode is around since PHP4
 if (!function_exists("quoted_printable_decode")) {
     if (function_exists("imap_qprint")) {
         echo "imap_qprint";
         function quoted_printable_decode($string) {
             return imap_qprint($string);
+        }
+    }
+}
 // Difference between Q-encoding and quoted-printable
 // The ASCII codes for the question mark ("?") and equals sign ("=")
 // may not be represented directly as they are used to delimit the
 // encoded-word. The ASCII code for space may not be represented
 // directly because it could cause older parsers to split up the
 // encoded word undesirably. To make the encoding smaller and easier
 // to read the underscore is used to represent the ASCII code for
 // space creating the side effect that underscore cannot be
 // represented directly. Use of encoded words in certain parts of
 // headers imposes further restrictions on which characters may be
 // represented directly.
 function Q_encode ($string)

lib/ws-vacation-sudo.in

➞

Show inline comments

 # Allow www user to run the vacation command as a user, but not as root
 User_Alias WWWRUN = wwwrun,www-data
 Runas_Alias NOTROOT = ALL,!root
 Cmnd_Alias VACATION=/usr/bin/vacation *
 Cmnd_Alias RM_FORWARD=/bin/rm -f /home/*/.forward
 Cmnd_Alias CAT_FORWARD=@base_dir@/lib/write_to.sh /home/*/.forward
 Cmnd_Alias CAT_VACATION_MSG=@base_dir@/lib/write_to.sh /home/*/.vacation.msg
 Cmnd_Alias TEST_FORWARD=@base_dir@/lib/test_readable.sh /home/*/.forward
 Cmnd_Alias TEST_VACATION_MSG=@base_dir@/lib/test_readable.sh /home/*/.vacation.msg
 Cmnd_Alias TEST_VACATION_DB=@base_dir@/lib/test_readable.sh /home/*/.vacation.db
 Cmnd_Alias GET_FORWARD=/bin/cat /home/*/.forward
 Cmnd_Alias GET_VACATION_MSG=/bin/cat /home/*/.vacation.msg
 Cmnd_Alias PUT_FORWARD=@base_dir@/lib/write_to.sh /home/*/.forward
 Cmnd_Alias PUT_VACATION_MSG=@base_dir@/lib/write_to.sh /home/*/.vacation.msg
 WWWRUN ALL=(NOTROOT) NOPASSWD: VACATION
 WWWRUN ALL=(NOTROOT) NOPASSWD: RM_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: CAT_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: CAT_VACATION_MSG
 WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_VACATION_MSG
 WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_VACATION_DB
 WWWRUN ALL=(NOTROOT) NOPASSWD: GET_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: GET_VACATION_MSG
 WWWRUN ALL=(NOTROOT) NOPASSWD: PUT_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: PUT_VACATION_MSG

0 comments (0 inline, 0 general)