<?php
declare(strict_types=1);
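// Form handler: validates the "create user" POST, hands the data to
// create_user.ps1 through a temporary JSON file, and reports the script's
// JSON result back to the UI as a session flash message.
session_start();

// Load config
$config = require __DIR__ . '/../../config/config.php';

// Simple login check (same as index.php).
// NOTE(review): this only proves that a session user exists; no role or
// permission is checked before a directory account is created — confirm that
// every logged-in user is meant to have this right.
$sessionKey = $config['security']['session_key_user'] ?? 'admin_user';
if (!isset($_SESSION[$sessionKey])) {
    header('Location: ../index.php?route=login');
    exit;
}

// Only accept POST.
// NOTE(review): no anti-CSRF token is verified before this state-changing
// request is processed. The form lives outside this file, so the check cannot
// be added here alone; it needs a token issued with the form and compared
// with hash_equals() at this point.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Location: ../index.php?route=createuser');
    exit;
}

// Basic input validation.
// Non-string values (e.g. "field[]=x" arrays) are treated as missing instead
// of being cast to the literal string "Array".
$postString = static function (string $name): string {
    $value = $_POST[$name] ?? '';

    return is_string($value) ? $value : '';
};

$sam     = trim($postString('samaccountname'));
$display = trim($postString('displayname'));
$mail    = trim($postString('mail'));
$pass    = $postString('password'); // not trimmed: whitespace may be part of the password
$ou      = trim($postString('ou'));
$groups  = trim($postString('groups'));

if ($sam === '' || $pass === '') {
    $_SESSION['flash_error'] = 'Anmeldename und Passwort sind erforderlich.';
    header('Location: ../index.php?route=createuser');
    exit;
}

// Build PS script path and verify it BEFORE any secret is written to disk,
// so a misconfigured path never leaves the password in a temp file.
$scriptDir = $config['powershell']['script_dir'] ?? __DIR__ . '/../../scripts/powershell';
$script = $scriptDir . DIRECTORY_SEPARATOR . 'create_user.ps1';

if (!file_exists($script)) {
    $_SESSION['flash_error'] = 'PowerShell-Skript nicht gefunden: ' . $script;
    header('Location: ../index.php?route=createuser');
    exit;
}

// Build payload
$payload = [
    'samaccountname' => $sam,
    'displayname' => $display,
    'mail' => $mail,
    'password' => $pass,
    'ou' => $ou,
    'groups' => $groups,
    'dry_run' => (bool)($config['powershell']['dry_run'] ?? false),
];

// Write payload to temp file.
// tempnam() creates and reserves $tmpBase; the file the script reads is
// "$tmpBase.json". Both are removed afterwards (the original left $tmpBase
// behind on every request). The .json file is opened in exclusive-create mode
// so a file or link pre-planted under that name is never written through.
// NOTE(review): the payload holds the new account's clear-text password;
// confirm that the temp directory is readable only by the web-server account.
$tmpBase = tempnam(sys_get_temp_dir(), 'create_user_');
$encoded = json_encode($payload, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
$tmpFile = $tmpBase === false ? '' : $tmpBase . '.json';

$cleanup = static function () use ($tmpBase, $tmpFile): void {
    if ($tmpFile !== '') {
        @unlink($tmpFile);
    }
    if ($tmpBase !== false) {
        @unlink($tmpBase);
    }
};

$written = false;
if ($tmpFile !== '' && $encoded !== false) {
    $handle = @fopen($tmpFile, 'xb');
    if ($handle !== false) {
        $written = fwrite($handle, $encoded) === strlen($encoded);
        fclose($handle);
    }
}

if (!$written) {
    $cleanup();
    $_SESSION['flash_error'] = 'Temporäre Eingabedatei konnte nicht erstellt werden.';
    header('Location: ../index.php?route=createuser');
    exit;
}

// Build the command line. Every interpolated value is passed through
// escapeshellarg() so a space or shell metacharacter in a configured path or
// in the temp directory cannot split or extend the command.
// NOTE(review): the default execution policy is 'Bypass'; consider signing
// the script and configuring 'AllSigned' or 'RemoteSigned' instead.
$exe = (string)($config['powershell']['exe'] ?? 'powershell');
$executionPolicy = (string)($config['powershell']['execution_policy'] ?? 'Bypass');

$cmd = sprintf(
    '%s -NoProfile -NonInteractive -ExecutionPolicy %s -File %s -InputFile %s',
    escapeshellarg($exe),
    escapeshellarg($executionPolicy),
    escapeshellarg($script),
    escapeshellarg($tmpFile),
);

// Execute and capture output and exit code.
// (The earlier `where` probe was removed: its result was never used and
// exec() fails on its own when the executable is missing.)
$output = [];
$returnVar = null;
exec($cmd . ' 2>&1', $output, $returnVar);
$json = implode("\n", $output);

// Remove the clear-text payload as soon as the script has finished.
$cleanup();

// Optional: write raw output into logs for debugging.
// NOTE(review): this path resolves to a "logs" directory next to index.php;
// confirm that it is not served by the web server and that the script never
// echoes the password, since stdout/stderr is logged verbatim.
@file_put_contents(
    __DIR__ . '/../logs/create_user_output.log',
    date('Y-m-d H:i:s') . ' CMD: ' . $cmd . "\n" . $json . "\n\n",
    FILE_APPEND | LOCK_EX,
);

// Try to parse JSON output
$result = null;
if ($json !== '') {
    $decoded = json_decode($json, true);
    if (is_array($decoded)) {
        $result = $decoded;
    }
}

if ($result === null) {
    // NOTE(review): raw script output goes into the flash message; the page
    // that renders it must HTML-escape it (htmlspecialchars) — verify there.
    $_SESSION['flash_error'] = 'Unbekannter Fehler beim Ausführen des PowerShell-Skripts: ' . ($json ?: 'Keine Ausgabe');
    header('Location: ../index.php?route=createuser');
    exit;
}

if (!empty($result['success'])) {
    $_SESSION['flash_success'] = $result['message'] ?? 'Benutzer erfolgreich erstellt.';
} else {
    $_SESSION['flash_error'] = $result['message'] ?? 'Fehler beim Erstellen des Benutzers.';
}

header('Location: ../index.php?route=createuser');
exit;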