1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class password extends plugin
24 {
25 /* Definitions */
26 var $plHeadline = "Change password";
27 var $plDescription = "Change user password";
29 var $proposal = "";
30 var $proposalEnabled = FALSE;
31 var $proposalSelected = FALSE;
33 function password(&$config, $dn= NULL, $parent= NULL)
34 {
35 plugin::plugin($config, $dn, $parent);
37 // Try to generate a password proposal, if this is successfull
38 // then preselect the proposal usage.
39 $this->refreshProposal();
40 if($this->proposal != ""){
41 $this->proposalSelected = TRUE;
42 }
43 }
46 function refreshProposal()
47 {
48 $this->proposal = passwordMethod::getPasswordProposal($this->config);
49 if($this->proposal != ""){
50 $this->proposalEnabled =TRUE;
51 }
52 }
55 function execute()
56 {
57 plugin::execute();
58 $smarty = get_smarty();
59 $ui = get_userinfo();
61 /* Get acls */
62 $password_ACLS = $ui->get_permissions($ui->dn,"users/password");
63 $smarty->assign("ChangeACL" , $password_ACLS);
64 $smarty->assign("NotAllowed" , !preg_match("/w/i",$password_ACLS));
66 /* Display expiration template */
67 if ($this->config->get_cfg_value("core","handleExpiredAccounts") == "true"){
68 $expired= ldap_expired_account($this->config, $ui->dn, $ui->username);
69 if($expired == 4){
70 return($smarty->fetch(get_template_path("nochange.tpl", TRUE)));
71 }
72 }
74 // Refresh proposal if requested
75 if(isset($_POST['refreshProposal'])) $this->refreshProposal();
76 $smarty->assign("proposal" , $this->proposal);
77 $smarty->assign("proposalEnabled" , $this->proposalEnabled);
78 $smarty->assign("proposalSelected" , $this->proposalSelected);
80 if(isset($_POST['proposalSelected'])) $this->proposalSelected = get_post('proposalSelected') == 1;
82 /* Pwd change requested */
83 if (isset($_POST['password_finish'])){
85 if($this->proposalSelected){
86 $current_password = get_post('current_password');
87 $new_password = $this->proposal;
88 $repeated_password = $this->proposal;
89 }else{
90 $current_password = get_post('current_password');
91 $new_password = get_post('new_password');
92 $repeated_password = get_post('repeated_password');
93 }
96 /* Should we check different characters in new password */
97 $check_differ = $this->config->get_cfg_value("core","passwordMinDiffer") != "";
98 $differ = $this->config->get_cfg_value("core","passwordMinDiffer");
100 /* Enable length check ? */
101 $check_length = $this->config->get_cfg_value("core","passwordMinLength") != "";
102 $length = $this->config->get_cfg_value("core","passwordMinLength");
104 /* Call external password quality hook ?*/
105 $check_hook = $this->config->get_cfg_value("core","passwordHook") != "";
106 $hook = $this->config->get_cfg_value("core","passwordHook")." ".
107 $ui->username." ".$current_password." ".$new_password;
109 if($check_hook){
110 exec($hook,$resarr);
111 $check_hook_output = "";
112 if(count($resarr) > 0) {
113 $check_hook_output= join('\n', $resarr);
114 }
115 }
117 /* Check given values */
118 if(empty($current_password)){
119 msg_dialog::display(_("Password change"),
120 _("You need to specify your current password in order to proceed."),WARNING_DIALOG);
121 }elseif ($new_password != $repeated_password){
122 msg_dialog::display(_("Password change"),
123 _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."),WARNING_DIALOG);
124 } elseif ($new_password == ""){
125 msg_dialog::display(_("Password change"),
126 _("The password you've entered as 'New password' is empty."),WARNING_DIALOG);
127 }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){
128 msg_dialog::display(_("Password change"),
129 _("The password used as new and current are too similar."),WARNING_DIALOG);
130 }elseif($check_length && (strlen($new_password) < $length)){
131 msg_dialog::display(_("Password change"),
132 _("The password used as new is to short."),WARNING_DIALOG);
133 }elseif(!passwordMethod::is_harmless($new_password)){
134 msg_dialog::display(_("Password change"),
135 _("The password contains possibly problematic unicode characters!"),WARNING_DIALOG);
136 }elseif($check_hook && $check_hook_output != ""){
137 msg_dialog::display(_("Password change"),
138 sprintf(_("External password changer reported a problem: %s."),$check_hook_output),WARNING_DIALOG);
139 }else{
141 /* Try to connect via current password */
142 $tldap = new LDAP(
143 $ui->dn,
144 $current_password,
145 $this->config->current['SERVER'],
146 $this->config->get_cfg_value("core","ldapFollowReferrals") == "true",
147 $this->config->get_cfg_value("core","ldapTLS") == "true");
149 /* connection Successfull ? */
150 if (!$tldap->success()){
151 msg_dialog::display(_("Password change"),
152 _("The password you've entered as your current password doesn't match the real one."),WARNING_DIALOG);
153 }else{
155 /* Check GOsa permissions */
156 if (!preg_match("/w/i",$password_ACLS)){
157 msg_dialog::display(_("Password change"),
158 _("You have no permission to change your password."),WARNING_DIALOG);
159 }else{
160 $this->change_password($ui->dn, $new_password);
161 gosa_log ("User/password has been changed");
162 $ui->password= $new_password;
163 session::set('ui',$ui);
164 #$this->handle_post_events("modify",array("userPassword" => $new_password));
165 return($smarty->fetch(get_template_path("changed.tpl", TRUE)));
166 }
167 }
168 }
169 }
170 return($smarty->fetch(get_template_path("password.tpl", TRUE)));
171 }
173 function change_password($dn, $pwd)
174 {
175 change_password ($dn, $pwd);
176 }
178 function remove_from_parent()
179 {
180 $this->handle_post_events("remove");
181 }
183 function save()
184 {
185 }
187 static function plInfo()
188 {
189 return (array(
190 "plDescription" => _("User password"),
191 "plSelfModify" => TRUE,
192 "plDepends" => array("user"),
193 "plPriority" => 10,
194 "plSection" => array("personal" => _("My account")),
195 "plCategory" => array("users"),
196 "plOptions" => array(),
198 "plProvidedAcls" => array())
199 );
200 }
202 }
203 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
204 ?>