1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003-2007 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 function displayPWchanger()
22 {
23 global $smarty;
25 $smarty->display(get_template_path('password.tpl'));
26 exit();
27 }
29 /* Load required includes */
30 require_once ("../include/php_setup.inc");
31 require_once ("functions.inc");
33 if(!class_exists("log")){
34 require_once("class_log.inc");
35 }
37 header("Content-type: text/html; charset=UTF-8");
39 session_start();
41 /* Destroy old session if exists.
42 Else you will get your old session back, if you not logged out correctly. */
43 if(is_array($_SESSION) && count($_SESSION)){
44 session_destroy();
45 session_start();
46 }
48 /* Reset errors */
49 $_SESSION['js'] = true;
50 $_SESSION['errors'] = "";
51 $_SESSION['errorsAlreadyPosted']= array();
52 $_SESSION['LastError'] = "";
54 /* Check if CONFIG_FILE is accessible */
55 if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)){
56 echo sprintf(_("GOsa configuration %s/%s is not readable. Aborted."), CONFIG_DIR,CONFIG_FILE);
57 exit();
58 }
60 /* Parse configuration file */
61 $config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR);
62 $_SESSION['DEBUGLEVEL']= $config->data['MAIN']['DEBUGLEVEL'];
63 if ($_SERVER["REQUEST_METHOD"] != "POST"){
64 @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
65 }
67 /* Set template compile directory */
68 if (isset ($config->data['MAIN']['COMPILE'])){
69 $smarty->compile_dir= $config->data['MAIN']['COMPILE'];
70 } else {
71 $smarty->compile_dir= '/var/spool/gosa';
72 }
74 /* Check for compile directory */
75 if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))){
76 echo sprintf(_("Directory '%s' specified as compile directory is not accessible!"),
77 $smarty->compile_dir);
78 exit();
79 }
81 /* Check for old files in compile directory */
82 clean_smarty_compile_dir($smarty->compile_dir);
84 /* Language setup */
85 if ($config->data['MAIN']['LANG'] == ""){
86 $lang= get_browser_language();
87 } else {
88 $lang= $config->data['MAIN']['LANG'];
89 }
90 $lang.=".UTF-8";
91 putenv("LANGUAGE=");
92 putenv("LANG=$lang");
93 setlocale(LC_ALL, $lang);
94 $GLOBALS['t_language']= $lang;
95 $GLOBALS['t_gettext_message_dir'] = $BASE_DIR.'/locale/';
97 /* Set the text domain as 'messages' */
98 $domain = 'messages';
99 bindtextdomain($domain, "$BASE_DIR/locale");
100 textdomain($domain);
102 /* Generate server list */
103 $servers= array();
104 if (isset($_POST['server'])){
105 $directory= validate($_POST['server']);
106 } else {
107 $directory= $config->data['MAIN']['DEFAULT'];
108 }
109 foreach ($config->data['LOCATIONS'] as $key => $ignored){
110 $servers[$key]= $key;
111 }
112 if (isset($_GET['directory']) && isset($servers[$_GET['directory']])){
113 $smarty->assign ("show_directory_chooser", false);
114 $directory= validate($_GET['directory']);
115 } else {
116 $smarty->assign ("server_options", $servers);
117 $smarty->assign ("server_id", $directory);
118 $smarty->assign ("show_directory_chooser", true);
119 }
121 /* Set config to selected one */
122 $config->set_current($directory);
123 $_SESSION['config']= $config;
125 if ($_SERVER["REQUEST_METHOD"] != "POST"){
126 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to");
127 }
130 /* Check for SSL connection */
131 $ssl= "";
132 if (!isset($_SERVER['HTTPS']) ||
133 !stristr($_SERVER['HTTPS'], "on")) {
135 if (empty($_SERVER['REQUEST_URI'])) {
136 $ssl= "https://".$_SERVER['HTTP_HOST'].
137 $_SERVER['PATH_INFO'];
138 } else {
139 $ssl= "https://".$_SERVER['HTTP_HOST'].
140 $_SERVER['REQUEST_URI'];
141 }
142 }
144 /* If SSL is forced, just forward to the SSL enabled site */
145 if ($config->data['MAIN']['FORCESSL'] == 'true' && $ssl != ''){
146 header ("Location: $ssl");
147 exit;
148 }
150 /* Check for selected password method */
151 $method= $config->current['HASH'];
152 if (isset($_GET['method'])){
153 $method= validate($_GET['method']);
154 $tmp = new passwordMethod($config);
155 $available = $tmp->get_available_methods_if_not_loaded();
156 if (!isset($available[$method])){
157 echo _("Error: Password method not available!");
158 exit;
159 }
160 }
163 /* Check for selected user... */
164 if (isset($_GET['uid']) && $_GET['uid'] != ""){
165 $uid= validate($_GET['uid']);
166 $smarty->assign('display_username', false);
167 } elseif (isset($_POST['uid'])){
168 $uid= validate($_POST['uid']);
169 $smarty->assign('display_username', true);
170 } else {
171 $uid= "";
172 $smarty->assign('display_username', true);
173 }
174 $current_password= "";
175 $smarty->assign("changed", false);
177 /* Got a formular answer, validate and try to log in */
178 if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])){
180 /* Destroy old sessions, they cause a successfull login to relog again ...*/
181 if(isset($_SESSION['_LAST_PAGE_REQUEST'])){
182 $_SESSION['_LAST_PAGE_REQUEST'] = time();
183 }
185 $message= array();
186 $current_password= $_POST['current_password'];
188 /* Do new and repeated password fields match? */
189 $new_password= $_POST['new_password'];
190 if ($_POST['new_password'] != $_POST['new_password_repeated']){
191 $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
192 } else {
193 if ($_POST['new_password'] == ""){
194 $message[]= _("The password you've entered as 'New password' is empty.");
195 }
196 }
198 /* Password policy fulfilled? */
199 if (isset($config->data['MAIN']['PWDIFFER'])){
200 $l= $config->data['MAIN']['PWDIFFER'];
201 if (substr($_POST['current_password'], 0, $l) == substr($_POST['new_password'], 0, $l)){
202 $message[]= _("The password used as new and current are too similar.");
203 }
204 }
205 if (isset($config->data['MAIN']['PWMINLEN'])){
206 if (strlen($_POST['new_password']) < $config->data['MAIN']['PWMINLEN']){
207 $message[]= _("The password used as new is to short.");
208 }
209 }
211 /* Validate */
212 if (!ereg("^[A-Za-z0-9_.-]+$", $uid)){
213 $message[]= _("Please specify a valid username!");
214 } elseif (mb_strlen($_POST["current_password"], 'UTF-8') == 0){
215 $message[]= _("Please specify your password!");
216 } else {
218 /* Do we have the selected user somewhere? */
219 $ui= ldap_login_user ($uid, $current_password);
221 if ($ui == NULL){
222 $message[]= _("Please check the username/password combination.");
223 } else {
224 $acls = $ui->get_permissions($ui->dn,"users/password");
225 if(!preg_match("/w/i",$acls)){
226 $message[]= _("You have no permissions to change your password.");
227 }
228 }
229 }
231 /* Do we need to show error messages? */
232 if (count ($message) != 0){
233 /* Show error message and continue editing */
234 show_errors($message);
235 } else {
237 /* Passed quality check, just try to change the password now */
238 $output= "";
239 if (isset($config->data['MAIN']['EXTERNALPWDHOOK'])){
240 exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".$ui->username." ".
241 $_POST['current_password']." ".$_POST['new_password'], $resarr);
242 if(count($resarr) > 0) {
243 $output= join('\n', $resarr);
244 }
245 }
246 if ($output != ""){
247 $message[]= _("External password changer reported a problem: ".$output);
248 show_errors($message);
249 } else {
250 if ($method != ""){
251 change_password ($ui->dn, $_POST['new_password'], 0, $method);
252 } else {
253 change_password ($ui->dn, $_POST['new_password']);
254 }
255 gosa_log ("User/password has been changed");
256 $smarty->assign("changed", true);
257 }
258 }
261 }
263 /* Parameter fill up */
264 $params= "";
265 foreach (array('uid', 'method', 'directory') as $index){
266 $params.= "&$index=".urlencode($$index);
267 }
268 $params= preg_replace('/^&/', '?', $params);
269 $smarty->assign('params', $params);
271 /* Fill template with required values */
272 $smarty->assign ('date', gmdate("D, d M Y H:i:s"));
273 $smarty->assign ('uid', $uid);
274 $smarty->assign ('password_img', get_template_path('images/password.png'));
276 /* Displasy SSL mode warning? */
277 if ($ssl != "" && $config->data['MAIN']['WARNSSL'] == 'true'){
278 $smarty->assign ("ssl", "<b>"._("Warning").":</b> "._("Session will not be encrypted.")." <a style=\"color:red;\" href=\"".htmlentities($ssl)."\"><b>"._("Enter SSL session")."</b></a>!");
279 } else {
280 $smarty->assign ("ssl", "");
281 }
283 /* show login screen */
284 $smarty->assign ("PHPSESSID", session_id());
285 if (isset($_SESSION['errors'])){
286 $smarty->assign("errors", $_SESSION['errors']);
287 }
288 if ($error_collector != ""){
289 $smarty->assign("php_errors", $error_collector."</div>");
290 } else {
291 $smarty->assign("php_errors", "");
292 }
294 displayPWchanger();
296 ?>
298 </body>
299 </html>
300 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: