Release 1.2.4

Fixes for translation of "Add new attribute"

README.md

@@ -0,0 +1,13 @@
+phpLDAPadmin
+============
+
+phpLDAPadmin - Web based LDAP administration tool
+
+
+## Installation
+
+[INSTALL](INSTALL.md)
+
+## License
+
+[LICENSE](LICENSE)

VERSION

@@ -1 +1 @@
-RELEASE-1.2.3
+RELEASE-1.2.4

config/config.php.example

@@ -379,7 +379,7 @@ $servers->setValue('server','name','My LDAP Server');
 
 /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
    blowfish, crypt or leave blank for now default algorithm. */
-// $servers->setValue('appearance','password_hash','md5');
+// $servers->setValue('appearance','pla_password_hash','md5');
 
 /* If you specified 'cookie' or 'session' as the auth_type above, you can
    optionally specify here an attribute to use when logging in. If you enter
@@ -546,7 +546,7 @@ $servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
 $servers->setValue('sasl','authz_id_replacement','$1');
 $servers->setValue('sasl','props',null);
 
-$servers->setValue('appearance','password_hash','md5');
+$servers->setValue('appearance','pla_password_hash','md5');
 $servers->setValue('login','attr','dn');
 $servers->setValue('login','fallback_dn',false);
 $servers->setValue('login','class',null);

doc/README-translation.txt

@@ -1,2 +1,2 @@
-Please see http://phpldapadmin.sourceforge.net/Translate now for information on
+Please see http://phpldapadmin.sourceforge.net/wiki/index.php/Translate now for information on
 translating PLA.

htdocs/copy.php

@@ -63,7 +63,7 @@ if ($request['recursive']) {
 	print '</small>';
 
 } else {
-	if ($_SESSION[APPCONFIG]->getValue('confirm','copy')) {
+	if ($_SESSION[APPCONFIG]->getValue('confirm','copy') && !$request['remove']) {
 		$request['pageSRC'] = new TemplateRender($ldap['SRC']->getIndex(),get_request('template','REQUEST',false,null));
 		$request['pageSRC']->setDN($request['dnSRC']);
 		$request['pageSRC']->accept(true);

htdocs/entry_chooser.php

@@ -15,9 +15,9 @@ $www['page'] = new page();
 
 $request = array();
 $request['container'] = get_request('container','GET');
-$request['form'] = get_request('form','GET');
-$request['element'] = get_request('element','GET');
-$request['rdn'] = get_request('rdn','GET');
+$request['form'] = htmlspecialchars(addslashes(get_request('form','GET')));
+$request['element'] = htmlspecialchars(addslashes(get_request('element','GET')));
+$request['rdn'] = htmlspecialchars(addslashes(get_request('rdn','GET')));
 
 echo '<div class="popup">';
 printf('<h3 class="subtitle">%s</h3>',_('Entry Chooser'));
@@ -33,7 +33,7 @@ echo '</script>';
 echo '<table class="forminput" width="100%" border="0">';
 if ($request['container']) {
 	printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Server'),$app['server']->getName());
-	printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Looking in'),$request['container']);
+	printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Looking in'),htmlspecialchars($request['container']));
 	echo '<tr><td class="blank" colspan="4">&nbsp;</td></tr>';
 }
 

htdocs/export_form.php

@@ -81,7 +81,7 @@ printf('<tr><td>%s</td><td><input type="text" name="filter" style="width:300px"
 	_('Search Filter'),htmlspecialchars($request['filter']));
 
 printf('<tr><td>%s</td><td><input type="text" name="attributes" style="width:300px" value="%s" /></td></tr>',
-	_('Show Attributtes'),htmlspecialchars($request['attr']));
+	_('Show Attributes'),htmlspecialchars($request['attr']));
 
 printf('<tr><td>&nbsp;</td><td><input type="checkbox" name="sys_attr" id="sys_attr" %s/> <label for="sys_attr">%s</label></td></tr>',
 	$request['sys_attr'] ? 'checked="checked" ' : '',_('Include system attributes'));

htdocs/index.php

@@ -57,6 +57,11 @@ if (defined('CONFDIR'))
 else
 	$app['config_file'] = 'config.php';
 
+if (! is_readable($app['config_file'])) {
+	if (ob_get_level()) ob_end_clean();
+	die(sprintf("Missing configuration file <b>%s</b> - have you created it?",$app['config_file']));
+}
+
 # Make sure this PHP install has session support
 if (! extension_loaded('session'))
 	error('<p>Your install of PHP appears to be missing php-session support.</p><p>Please install php-session support before using phpLDAPadmin.<br /><small>(Dont forget to restart your web server afterwards)</small></p>','error',null,true);
@@ -120,8 +125,10 @@ if (! $config = check_config($app['config_file'])) {
 	$_SESSION[APPCONFIG] = $config;
 }
 
-if ($uri = get_request('URI','GET'))
+if ($uri = get_request('URI','GET')) {
 	header(sprintf('Location: cmd.php?%s',base64_decode($uri)));
+        exit;
+}
 
 if (! preg_match('/^([0-9]+\.?)+/',app_version())) {
 	system_message(array(

htdocs/js/ajax_functions.js

@@ -202,8 +202,6 @@ function makeHttpRequest(url,parameters,meth,successCallbackFunctionName,errorCa
 	http_request.open(meth,url,true);
 
 	http_request.setRequestHeader('Content-type','application/x-www-form-urlencoded');
-	http_request.setRequestHeader('Content-length',parameters.length);
-	http_request.setRequestHeader('Connection','close');
 
 	if (meth == 'GET') parameters = null;
 	http_request.send(parameters);

htdocs/login_form.php

@@ -16,7 +16,19 @@ printf('<h3 class="title">%s %s</h3>',_('Authenticate to server'),$app['server']
 echo '<br />';
 
 # Check for a secure connection
-if (! isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) != 'on') {
+$isHTTPS = false;
+
+# Check if the current connection is encrypted
+if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') {
+        $isHTTPS = true;
+}
+# Check if a proxy server downstream does encryption for us
+elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && strtolower($_SERVER['HTTP_X_FORWARDED_SSL'])
+== 'on') {
+        $isHTTPS = true;
+}
+
+if (!$isHTTPS) {
 	echo '<div style="text-align: center; color:red">';
 	printf('<acronym title="%s"><b>%s: %s.</b></acronym>',
 		_('You are not using \'https\'. Web browser will transmit login information in clear text.'),
@@ -25,6 +37,7 @@ if (! isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) != 'on') {
 
 	echo '<br />';
 }
+unset($isSecure);
 
 # HTTP Basic Auth Form.
 if ($app['server']->getAuthType() == 'http') {

htdocs/monitor.php

@@ -129,15 +129,15 @@ foreach (array(
 }
 
 # cn=Connections,cn=Monitor
-printf('<tr class="list_item"><td class="heading" rowspan="2"><acronym title="%s">%s</acronym></td></tr>',$results['cn=Connections,cn=Monitor']['description'],_('LDAP Connections'));
+printf('<tr class="list_item"><td class="heading" rowspan="2"><acronym title="%s">%s</acronym></td></tr>',$results['cn=Connections,cn=Monitor']['description'][0],_('LDAP Connections'));
 printf('<tr class="list_item"><td class="value">');
 echo '<table class="result"><tr><td>';
 echo '<table class="result_table" border="0" width="100%">';
 
 printf('<tr class="highlight"><td class="20%%">%s</td><td class="value" style="width: 80%%;">%s</td></tr>',
-	_('Total Connections'),$results['cn=Total,cn=Connections,cn=Monitor']['monitorcounter']);
+	_('Total Connections'),$results['cn=Total,cn=Connections,cn=Monitor']['monitorcounter'][0]);
 printf('<tr class="highlight"><td class="20%%">%s</td><td class="value" style="width: 80%%;">%s</td></tr>',
-	_('Current Connections'),$results['cn=Current,cn=Connections,cn=Monitor']['monitorcounter']);
+	_('Current Connections'),$results['cn=Current,cn=Connections,cn=Monitor']['monitorcounter'][0]);
 
 # Look for some connections
 foreach ($results as $key => $value) {

lib/PageRender.php

@@ -287,7 +287,7 @@ class PageRender extends Visitor {
 						break;
 
 					default:
-						$vals[$i] = password_hash($passwordvalue,$enc);
+						$vals[$i] = pla_password_hash($passwordvalue,$enc);
 				}
 
 				$vals = array_unique($vals);
@@ -957,7 +957,7 @@ class PageRender extends Visitor {
 		if (trim($val))
 			$enc_type = get_enc_type($val);
 		else
-			$enc_type = $server->getValue('appearance','password_hash');
+			$enc_type = $server->getValue('appearance','pla_password_hash');
 
 		$obfuscate_password = obfuscate_password_display($enc_type);
 
@@ -982,7 +982,7 @@ class PageRender extends Visitor {
 		if (trim($val))
 			$enc_type = get_enc_type($val);
 		else
-			$enc_type = $server->getValue('appearance','password_hash');
+			$enc_type = $server->getValue('appearance','pla_password_hash');
 
 		echo '<table cellspacing="0" cellpadding="0"><tr><td valign="top">';
 

lib/QueryRender.php

@@ -321,7 +321,7 @@ class QueryRender extends PageRender {
 					if (! $results) {
 						echo _('Search returned no results');
 
-						continue;
+						continue 2;
 					}
 
 					printf('<form action="cmd.php" method="post" id="massform_%s">',$counter);

lib/TemplateRender.php

@@ -59,7 +59,7 @@ class TemplateRender extends PageRender {
 			$this->layout['action'] = '<td class="icon"><img src="%s/%s" alt="%s" /></td><td><a href="cmd.php?%s" title="%s">%s</a></td>';
 			$this->layout['actionajax'] = '<td class="icon"><img src="%s/%s" alt="%s" /></td><td><a href="cmd.php?%s" title="%s" onclick="return ajDISPLAY(\'BODY\',\'%s\',\'%s\');">%s</a></td>';
 
-			# If we dont want to render this template automatically, we'll return here.
+			# If we don't want to render this template automatically, we'll return here.
 			if ($norender)
 				return;
 
@@ -273,7 +273,7 @@ class TemplateRender extends PageRender {
 				else
 					$container = $args[5];
 
-				# Process filter (arg 1), eventually replace %attr% by it's value set in a previous page.
+				# Process filter (arg 1), eventually replace %attr% by its value set in a previous page.
 				preg_match_all('/%(\w+)(\|.+)?(\/[lUC])?%/U',$args[1],$filtermatchall);
 				//print_r($matchall); // -1 = highlevel match, 1 = attr, 2 = subst, 3 = mod
 
@@ -1679,7 +1679,7 @@ function validateForm(silence) {
 
 				// Sometimes the alert gives us enough time!
 				if (typeof getAttributeComponents != "undefined")
-					alert("Dont bother, our JS is loaded now!");
+					alert("Don\'t bother, our JS is loaded now!");
 			}
 
 			validateForm(true);
@@ -2466,7 +2466,7 @@ function deleteAttribute(attrName,friendlyName,i)
 		if ($val = $attribute->getValue($i))
 			$default = get_enc_type($val);
 		else
-			$default = $this->getServer()->getValue('appearance','password_hash');
+			$default = $this->getServer()->getValue('appearance','pla_password_hash');
 
 		if (! $attribute->getPostValue())
 			printf('<input type="hidden" name="post_value[%s][]" value="%s" />',$attribute->getName(),$i);

lib/ds_ldap.php

@@ -181,6 +181,14 @@ class ldap extends DS {
 		 * specifies deref behavior for each ldap_search operation. */
 		ldap_set_option($resource,LDAP_OPT_REFERRALS,0);
 
+		/* Enabling manageDsaIt to be able to browse through glued entries
+		 * 2.16.840.1.113730.3.4.2 :  "ManageDsaIT Control" "RFC 3296" "The client may provide
+		 * the ManageDsaIT control with an operation to indicate that the operation is intended
+		 * to manage objects within the DSA (server) Information Tree. The control causes
+		 * Directory-specific entries (DSEs), regardless of type, to be treated as normal entries
+		 * allowing clients to interrogate and update these entries using LDAP operations." */
+		ldap_set_option($resource,LDAP_OPT_SERVER_CONTROLS,array(array('oid'=>'2.16.840.1.113730.3.4.2')));
+
 		# Try to fire up TLS is specified in the config
 		if ($this->isTLSEnabled())
 			$this->startTLS($resource);
@@ -251,7 +259,7 @@ class ldap extends DS {
 			else
 				$userDN = $this->getLoginID($user,'login');
 
-			if (! $userDN && $this->getValue('login','fallback_dn'))
+			if (! $userDN && $this->getValue('login','fallback_dn') && strpos($user, '='))
 				$userDN = $user;
 
 			if (! $userDN)
@@ -1116,13 +1124,14 @@ class ldap extends DS {
 
 		if (is_array($dn)) {
 			$a = array();
-			foreach ($dn as $key => $rdn)
-				$a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
-
+			foreach ($dn as $key => $rdn) {
+				$a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', function($m) { return chr(hexdec('${m[1]}')); }, $rdn);
+			}
 			return $a;
 
-		} else
-			return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
+		} else {
+			return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', function($m) { return chr(hexdec('${m[1]}')); }, $dn);
+		}
 	}
 
 	public function getRootDSE($method=null) {

lib/ds_ldap_pla.php

@@ -16,7 +16,7 @@ class ldap_pla extends ldap {
 	function __construct($index) {
 		parent::__construct($index);
 
-		$this->default->appearance['password_hash'] = array(
+		$this->default->appearance['pla_password_hash'] = array(
 			'desc'=>'Default HASH to use for passwords',
 			'default'=>'md5');
 

lib/functions.php

@@ -51,7 +51,7 @@ if (file_exists(LIBDIR.'functions.custom.php'))
 /**
  * Loads class definition
  */
-function __autoload($className) {
+function pla_autoload($className) {
 	if (file_exists(HOOKSDIR."classes/$className.php"))
 		require_once(HOOKSDIR."classes/$className.php");
 	elseif (file_exists(LIBDIR."$className.php"))
@@ -66,10 +66,16 @@ function __autoload($className) {
 			'type'=>'error'));
 }
 
+if (version_compare(phpversion(), '7.0', '>=')) {
+	spl_autoload_register('pla_autoload');
+} else {
+	eval('function __autoload($className) {pla_autoload($className);}');
+}
+
 /**
  * Strips all slashes from the specified array in place (pass by ref).
  * @param Array The array to strip slashes from, typically one of
- *                     $_GET, $_POST, or $_COOKIE.
+ *        $_GET, $_POST, or $_COOKIE.
  */
 function array_stripslashes(&$array) {
 	if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
@@ -362,7 +368,7 @@ function cmd_control_pane($type) {
 
 				'hide_debug_info'=>array(
 					'title'=>_('Show Cache'),
-					'enable'=>isset($_SESSION[APPCONFIG]) ? $_SESSION[APPCONFIG]->isCommandAvailable('script','show_cache') : false,
+					'enable'=>isset($_SESSION[APPCONFIG]) ? ($_SESSION[APPCONFIG]->isCommandAvailable('script','show_cache')) && (! $_SESSION[APPCONFIG]->getValue('appearance','hide_debug_info')) : false,
 					'link'=>sprintf('href="cmd.php?cmd=show_cache" onclick="return ajDISPLAY(\'BODY\',\'cmd=show_cache\',\'%s\');" title="%s"',
 						_('Loading'),_('Show Cache'),_('Show Cache')),
 					'image'=>sprintf('<img src="%s/debug-cache.png" alt="%s" />',IMGDIR,_('Show Cache'))),
@@ -745,6 +751,11 @@ function blowfish_encrypt($data,$secret=null) {
 	if (! trim($secret))
 		return $data;
 
+	if (! empty($data) && function_exists('openssl_encrypt') && in_array('bf-ecb', openssl_get_cipher_methods())) {
+		$keylen = openssl_cipher_iv_length('bf-ecb') * 2;
+		return openssl_encrypt($data, 'bf-ecb', substr($secret,0,$keylen));
+	}
+
 	if (function_exists('mcrypt_module_open') && ! empty($data)) {
 		$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
 		$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_DEV_URANDOM);
@@ -801,6 +812,11 @@ function blowfish_decrypt($encdata,$secret=null) {
 	if (! trim($secret))
 		return $encdata;
 
+	if (! empty($encdata) && function_exists('openssl_encrypt') && in_array('bf-ecb', openssl_get_cipher_methods())) {
+		$keylen = openssl_cipher_iv_length('bf-ecb') * 2;
+		return trim(openssl_decrypt($encdata, 'bf-ecb', substr($secret,0,$keylen)));
+	}
+
 	if (function_exists('mcrypt_module_open') && ! empty($encdata)) {
 		$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
 		$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_DEV_URANDOM);
@@ -993,6 +1009,23 @@ function get_custom_file($index,$filename,$path) {
 	return $return;
 }
 
+/**
+ * Replacement for create_function() which is deprecated as of php 7.2
+ *
+ * @param string The function arguments
+ * @param string The function code
+ */
+function pla_create_function($args, $code) {
+	if (version_compare(phpversion(),'7.0','>=')) {
+		# anonymous functions were introduced in PHP 5.3.0
+		return eval("return function(".$args."){".$code."};");
+
+	} else {
+		# create_function is deprecated in php 7.2
+		return create_function($args, $code);
+	}
+}
+
 /**
  * Sort a multi dimensional array.
  *
@@ -1080,7 +1113,7 @@ function masort(&$data,$sortby,$rev=0) {
 
 		$code .= 'return $c;';
 
-		$CACHE[$sortby] = create_function('$a, $b',$code);
+		$CACHE[$sortby] = pla_create_function('$a, $b',$code);
 	}
 
 	uasort($data,$CACHE[$sortby]);
@@ -2116,6 +2149,8 @@ function password_types() {
 		'smd5'=>'smd5',
 		'ssha'=>'ssha',
 		'sha512'=>'sha512',
+		'sha256crypt'=>'sha256crypt',
+		'sha512crypt'=>'sha512crypt',
 	);
 }
 
@@ -2124,10 +2159,11 @@ function password_types() {
  *
  * @param string The password to hash in clear text.
  * @param string Standard LDAP encryption type which must be one of
- *        crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
+ *        crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512,
+ *        sha256crypt, sha512crypt, or clear.
  * @return string The hashed password.
  */
-function password_hash($password_clear,$enc_type) {
+function pla_password_hash($password_clear,$enc_type) {
 	if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
 		debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
 
@@ -2227,6 +2263,20 @@ function password_hash($password_clear,$enc_type) {
 
 			break;
 
+		case 'sha256crypt':
+			if (! defined('CRYPT_SHA256') || CRYPT_SHA256 == 0)
+				error(_('Your system crypt library does not support sha256crypt encryption.'),'error','index.php');
+			$new_value = sprintf('{CRYPT}%s',crypt($password_clear,'$5$'.random_salt(8)));
+
+			break;
+
+		case 'sha512crypt':
+			if (! defined('CRYPT_SHA512') || CRYPT_SHA512 == 0)
+				error(_('Your system crypt library does not support sha512crypt encryption.'),'error','index.php');
+			$new_value = sprintf('{CRYPT}%s',crypt($password_clear,'$6$'.random_salt(8)));
+
+			break;
+
 		case 'clear':
 		default:
 			$new_value = $password_clear;
@@ -2318,7 +2368,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
 
 		# SHA crypted passwords
 		case 'sha':
-			if (strcasecmp(password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
+			if (strcasecmp(pla_password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
 				return true;
 			else
 				return false;
@@ -2327,7 +2377,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
 
 		# MD5 crypted passwords
 		case 'md5':
-			if( strcasecmp(password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
+			if( strcasecmp(pla_password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
 				return true;
 			else
 				return false;
@@ -2392,7 +2442,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
 
 		# SHA512 crypted passwords
 		case 'sha512':
-			if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
+			if (strcasecmp(pla_password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
 				return true;
 			else
 				return false;
@@ -2470,6 +2520,32 @@ function draw_chooser_link($form,$element,$include_choose_text=true,$rdn='none')
 		printf('<span class="x-small"><a href="%s" title="%s">%s</a></span>',$href,$title,_('browse'));
 }
 
+/**
+ * http://php.net/manual/en/function.ldap-explode-dn.php#34724
+ * fixed for:
+ * Keep attention on UTF8 encoded DNs. Since openLDAP >=2.1.2
+ * ldap_explode_dn turns unprintable chars (in the ASCII sense, UTF8
+ * encoded) into \<hexcode>.
+ */
+function ldap_explode_dn_patch($dn,$with_attrib) {
+	$result = ldap_explode_dn($dn,$with_attrib);
+	if (! $result)
+		return null;
+
+	# translate hex code into ascii again
+	foreach ($result as $key => $value) {
+		$result[$key] = preg_replace_callback(
+			"/\\\([0-9A-Fa-f]{2})/",
+			function ($matches) {
+				return chr(hexdec($matches[1]));
+			},
+			$value
+		);
+	}
+
+	return $result;
+}
+
 /**
  * Explode a DN into an array of its RDN parts.
  *
@@ -2505,8 +2581,8 @@ function pla_explode_dn($dn,$with_attributes=0) {
 	$dn = addcslashes($dn,'<>+";');
 
 	# split the dn
-	$result[0] = ldap_explode_dn(dn_escape($dn),0);
-	$result[1] = ldap_explode_dn(dn_escape($dn),1);
+	$result[0] = ldap_explode_dn_patch(dn_escape($dn),0);
+	$result[1] = ldap_explode_dn_patch(dn_escape($dn),1);
 	if (! $result[$with_attributes]) {
 		if (DEBUG_ENABLED)
 			debug_log('Returning NULL - NO result.',1,0,__FILE__,__LINE__,__METHOD__);
@@ -2565,12 +2641,22 @@ function dn_unescape($dn) {
 		$a = array();
 
 		foreach ($dn as $key => $rdn)
-			$a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
+			$a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
+				function ($r) {
+					return chr(hexdec($r[1]));
+				},
+				$rdn
+			);
 
 		return $a;
 
 	} else {
-		return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
+		return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
+			function ($r) {
+				return chr(hexdec($r[1]));
+			},
+			$dn
+		);
 	}
 }
 
@@ -2583,35 +2669,21 @@ function dn_unescape($dn) {
  * @return string The URL to the requested item.
  */
 function get_href($type,$extra_info='') {
-	$sf = 'https://sourceforge.net';
 	$pla = 'http://phpldapadmin.sourceforge.net';
-	$group_id = '61828';
-	$bug_atid = '498546';
-	$rfe_atid = '498549';
-	$forum_id = 'phpldapadmin-users';
 
 	switch($type) {
 		case 'add_bug':
-			return sprintf('%s/tracker/?func=add&amp;group_id=%s&amp;atid=%s',$sf,$group_id,$bug_atid);
+			return 'https://github.com/leenooks/phpLDAPadmin/issues';
 		case 'add_rfe':
-			return sprintf('%s/tracker/?func=add&amp;group_id=%s&amp;atid=%s',$sf,$group_id,$rfe_atid);
+			return 'https://github.com/leenooks/phpLDAPadmin/issues';
 		case 'credits':
 			return sprintf('%s/Credits',$pla);
 		case 'documentation':
 			return sprintf('%s/Documentation',$pla);
 		case 'donate':
-			return sprintf('%s/donate/index.php?group_id=%s',$sf,$group_id);
+			return 'https://sourceforge.net/donate/index.php?group_id=61828';
 		case 'forum':
-			return sprintf('%s/mailarchive/forum.php?forum_name=%s',$sf,$forum_id);
-		case 'logo':
-			if (! isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) != 'on')
-				$proto = 'http';
-			else
-				$proto = 'https';
-
-			return isset($_SESSION) && ! $_SESSION[APPCONFIG]->getValue('appearance','remoteurls') ? '' : sprintf('%s://sflogo.sourceforge.net/sflogo.php?group_id=%s&amp;type=10',$proto,$group_id);
-		case 'sf':
-			return sprintf('%s/projects/phpldapadmin',$sf);
+			return 'https://stackoverflow.com/questions/tagged/phpldapadmin';
 		case 'web':
 			return sprintf('%s',$pla);
 		default:

lib/page.php

@@ -323,7 +323,7 @@ class page {
 		printf('<tr class="foot"><td><small>%s</small></td><td colspan="2"><div id="ajFOOT">%s</div>%s</td></tr>',
 			isCompress() ? '[C]' : '&nbsp;',
 			app_version(),
-			get_href('logo') ? sprintf('<a href="%s"><img src="%s" alt="SourceForge.net Logo" style="border: 0px;" /></a>',get_href('sf'),get_href('logo')) : '&nbsp;');
+			'&nbsp;');
 	}
 
 	/**

templates/creation/posixAccount.xml

@@ -72,9 +72,13 @@
 	<page>1</page>
 	<!-- <value><![CDATA[=php.PickList(/;(&(objectClass=posixAccount));loginShell;%loginShell%;;;;loginShell)]]></value> -->
 	<type>select</type>
-	<value id="/bin/sh">Bash</value>
+	<value id="/bin/bash">Bash</value>
 	<value id="/bin/csh">C Shell</value>
+	<value id="/bin/dash">Dash</value>
+	<value id="/bin/sh">Shell</value>
 	<value id="/bin/tsh">Turbo C Shell</value>
+	<value id="/bin/false">False</value>
+	<value id="/usr/sbin/nologin">No Login</value>
 </attribute>
 <attribute id="userPassword">
 	<display>Password</display>