1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class password extends plugin
24 {
25 /* Definitions */
26 var $plHeadline = "Password";
27 var $plDescription = "Change user password";
29 function password(&$config, $dn= NULL, $parent= NULL)
30 {
31 plugin::plugin($config, $dn, $parent);
32 }
35 function execute()
36 {
37 plugin::execute();
38 $smarty = get_smarty();
39 $ui = get_userinfo();
41 /* Get acls */
42 $password_ACLS = $ui->get_permissions($ui->dn,"users/password");
43 $smarty->assign("ChangeACL" , $password_ACLS);
44 $smarty->assign("NotAllowed" , !preg_match("/w/i",$password_ACLS));
46 /* Display expiration template */
47 if ($this->config->get_cfg_value("handleExpiredAccounts") == "true"){
48 $expired= ldap_expired_account($this->config, $ui->dn, $ui->username);
49 if($expired == 4){
50 return($smarty->fetch(get_template_path("nochange.tpl", TRUE)));
51 }
52 }
54 /* Pwd change requested */
55 if (isset($_POST['password_finish'])){
57 /* Should we check different characters in new password */
58 $check_differ = $this->config->get_cfg_value("passwordMinDiffer") != "";
59 $differ = $this->config->get_cfg_value("passwordMinDiffer", 0);
61 /* Enable length check ? */
62 $check_length = $this->config->get_cfg_value("passwordMinLength") != "";
63 $length = $this->config->get_cfg_value("passwordMinLength", 0);
65 /* Call external password quality hook ?*/
66 $check_hook = $this->config->get_cfg_value("passwordHook") != "";
67 $hook = $this->config->get_cfg_value("passwordHook")." ".$ui->username." ".$_POST['current_password']." ".$_POST['new_password'];
68 if($check_hook){
69 exec($hook,$resarr);
70 $check_hook_output = "";
71 if(count($resarr) > 0) {
72 $check_hook_output= join('\n', $resarr);
73 }
74 }
76 /* Check given values */
77 if(!isset($_POST['current_password']) || empty($_POST['current_password'])){
78 msg_dialog::display(_("Password change"),
79 _("You need to specify your current password in order to proceed."),WARNING_DIALOG);
80 }elseif ($_POST['new_password'] != $_POST['repeated_password']){
81 msg_dialog::display(_("Password change"),
82 _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."),WARNING_DIALOG);
83 } elseif ($_POST['new_password'] == ""){
84 msg_dialog::display(_("Password change"),
85 _("The password you've entered as 'New password' is empty."),WARNING_DIALOG);
86 }elseif($check_differ && (substr($_POST['current_password'], 0, $differ) == substr($_POST['new_password'], 0, $differ))){
87 msg_dialog::display(_("Password change"),
88 _("The password used as new and current are too similar."),WARNING_DIALOG);
89 }elseif($check_length && (strlen($_POST['new_password']) < $length)){
90 msg_dialog::display(_("Password change"),
91 _("The password used as new is to short."),WARNING_DIALOG);
92 }elseif(!passwordMethod::is_harmless($_POST['new_password'])){
93 msg_dialog::display(_("Password change"),
94 _("The password contains possibly problematic unicode characters!"),WARNING_DIALOG);
95 }elseif($check_hook && $check_hook_output != ""){
96 msg_dialog::display(_("Password change"),
97 sprintf(_("External password changer reported a problem: %s."),$check_hook_output),WARNING_DIALOG);
98 }else{
100 /* Try to connect via current password */
101 $tldap = new LDAP(
102 $ui->dn,
103 $_POST['current_password'],
104 $this->config->current['SERVER'],
105 $this->config->get_cfg_value("ldapFollowReferrals") == "true",
106 $this->config->get_cfg_value("ldapTLS") == "true");
108 /* connection Successfull ? */
109 if (!$tldap->success()){
110 msg_dialog::display(_("Password change"),
111 _("The password you've entered as your current password doesn't match the real one."),WARNING_DIALOG);
112 }else{
114 /* Check GOsa permissions */
115 if (!preg_match("/w/i",$password_ACLS)){
116 msg_dialog::display(_("Password change"),
117 _("You have no permission to change your password."),WARNING_DIALOG);
118 }else{
119 $this->change_password($ui->dn, $_POST['new_password']);
120 gosa_log ("User/password has been changed");
121 $ui->password= $_POST['new_password'];
122 session::set('ui',$ui);
123 #$this->handle_post_events("modify",array("userPassword" => $_POST['new_password']));
124 return($smarty->fetch(get_template_path("changed.tpl", TRUE)));
125 }
126 }
127 }
128 }
129 return($smarty->fetch(get_template_path("password.tpl", TRUE)));
130 }
132 function change_password($dn, $pwd)
133 {
134 change_password ($dn, $pwd);
135 }
137 function remove_from_parent()
138 {
139 $this->handle_post_events("remove");
140 }
142 function save()
143 {
144 }
146 static function plInfo()
147 {
148 return (array(
149 "plDescription" => _("User password"),
150 "plSelfModify" => TRUE,
151 "plDepends" => array("user"),
152 "plPriority" => 10,
153 "plSection" => array("personal" => _("My account")),
154 "plCategory" => array("users"),
155 "plOptions" => array(),
157 "plProvidedAcls" => array())
158 );
159 }
161 }
162 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
163 ?>