1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003-2007 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 function displayPWchanger()
22 {
23 global $smarty;
25 $smarty->display(get_template_path('password.tpl'));
26 exit();
27 }
29 /* Load required includes */
30 require_once ("../include/php_setup.inc");
31 require_once ("functions.inc");
32 header("Content-type: text/html; charset=UTF-8");
34 session_start();
36 /* Destroy old session if exists.
37 Else you will get your old session back, if you not logged out correctly. */
38 if(is_array($_SESSION) && count($_SESSION)){
39 session_destroy();
40 session_start();
41 }
43 /* Reset errors */
44 $_SESSION['js'] = true;
45 $_SESSION['errors'] = "";
46 $_SESSION['errorsAlreadyPosted']= array();
47 $_SESSION['LastError'] = "";
49 /* Check if CONFIG_FILE is accessible */
50 if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)){
51 echo sprintf(_("GOsa configuration %s/%s is not readable. Aborted."), CONFIG_DIR,CONFIG_FILE);
52 exit();
53 }
55 /* Parse configuration file */
56 $config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR);
57 $_SESSION['DEBUGLEVEL']= $config->data['MAIN']['DEBUGLEVEL'];
58 if ($_SERVER["REQUEST_METHOD"] != "POST"){
59 @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
60 }
62 /* Set template compile directory */
63 if (isset ($config->data['MAIN']['COMPILE'])){
64 $smarty->compile_dir= $config->data['MAIN']['COMPILE'];
65 } else {
66 $smarty->compile_dir= '/var/spool/gosa';
67 }
69 /* Check for compile directory */
70 if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))){
71 echo sprintf(_("Directory '%s' specified as compile directory is not accessible!"),
72 $smarty->compile_dir);
73 exit();
74 }
76 /* Check for old files in compile directory */
77 clean_smarty_compile_dir($smarty->compile_dir);
79 /* Language setup */
80 if ($config->data['MAIN']['LANG'] == ""){
81 $lang= get_browser_language();
82 } else {
83 $lang= $config->data['MAIN']['LANG'];
84 }
85 $lang.=".UTF-8";
86 putenv("LANGUAGE=");
87 putenv("LANG=$lang");
88 setlocale(LC_ALL, $lang);
89 $GLOBALS['t_language']= $lang;
90 $GLOBALS['t_gettext_message_dir'] = $BASE_DIR.'/locale/';
92 /* Set the text domain as 'messages' */
93 $domain = 'messages';
94 bindtextdomain($domain, "$BASE_DIR/locale");
95 textdomain($domain);
97 /* Generate server list */
98 $servers= array();
99 if (isset($_POST['server'])){
100 $directory= validate($_POST['server']);
101 } else {
102 $directory= $config->data['MAIN']['DEFAULT'];
103 }
104 foreach ($config->data['LOCATIONS'] as $key => $ignored){
105 $servers[$key]= $key;
106 }
107 if (isset($_GET['directory']) && isset($servers[$_GET['directory']])){
108 $smarty->assign ("show_directory_chooser", false);
109 $directory= validate($_GET['directory']);
110 } else {
111 $smarty->assign ("server_options", $servers);
112 $smarty->assign ("server_id", $directory);
113 $smarty->assign ("show_directory_chooser", true);
114 }
116 /* Set config to selected one */
117 $config->set_current($directory);
118 $_SESSION['config']= $config;
120 if ($_SERVER["REQUEST_METHOD"] != "POST"){
121 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to");
122 }
125 /* Check for SSL connection */
126 $ssl= "";
127 if (!isset($_SERVER['HTTPS']) ||
128 !stristr($_SERVER['HTTPS'], "on")) {
130 if (empty($_SERVER['REQUEST_URI'])) {
131 $ssl= "https://".$_SERVER['HTTP_HOST'].
132 $_SERVER['PATH_INFO'];
133 } else {
134 $ssl= "https://".$_SERVER['HTTP_HOST'].
135 $_SERVER['REQUEST_URI'];
136 }
137 }
139 /* If SSL is forced, just forward to the SSL enabled site */
140 if ($config->data['MAIN']['FORCESSL'] == 'true' && $ssl != ''){
141 header ("Location: $ssl");
142 exit;
143 }
145 /* Check for selected password method */
146 $method= $config->current['HASH'];
147 if (isset($_GET['method'])){
148 $method= validate($_GET['method']);
149 $tmp = new passwordMethod($config);
150 $available = $tmp->get_available_methods_if_not_loaded();
151 if (!isset($available[$method])){
152 echo _("Error: Password method not available!");
153 exit;
154 }
155 }
158 /* Check for selected user... */
159 if (isset($_GET['uid']) && $_GET['uid'] != ""){
160 $uid= validate($_GET['uid']);
161 $smarty->assign('display_username', false);
162 } elseif (isset($_POST['uid'])){
163 $uid= validate($_POST['uid']);
164 $smarty->assign('display_username', true);
165 } else {
166 $uid= "";
167 $smarty->assign('display_username', true);
168 }
169 $current_password= "";
170 $smarty->assign("changed", false);
172 /* Got a formular answer, validate and try to log in */
173 if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])){
175 /* Destroy old sessions, they cause a successfull login to relog again ...*/
176 if(isset($_SESSION['_LAST_PAGE_REQUEST'])){
177 $_SESSION['_LAST_PAGE_REQUEST'] = time();
178 }
180 $message= array();
181 $current_password= $_POST['current_password'];
183 /* Do new and repeated password fields match? */
184 $new_password= $_POST['new_password'];
185 if ($_POST['new_password'] != $_POST['new_password_repeated']){
186 $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
187 } else {
188 if ($_POST['new_password'] == ""){
189 $message[]= _("The password you've entered as 'New password' is empty.");
190 }
191 }
193 /* Password policy fulfilled? */
194 if (isset($config->data['MAIN']['PWDIFFER'])){
195 $l= $config->data['MAIN']['PWDIFFER'];
196 if (substr($_POST['current_password'], 0, $l) == substr($_POST['new_password'], 0, $l)){
197 $message[]= _("The password used as new and current are too similar.");
198 }
199 }
200 if (isset($config->data['MAIN']['PWMINLEN'])){
201 if (strlen($_POST['new_password']) < $config->data['MAIN']['PWMINLEN']){
202 $message[]= _("The password used as new is to short.");
203 }
204 }
206 /* Validate */
207 if (!ereg("^[A-Za-z0-9_.-]+$", $uid)){
208 $message[]= _("Please specify a valid username!");
209 } elseif (mb_strlen($_POST["current_password"], 'UTF-8') == 0){
210 $message[]= _("Please specify your password!");
211 } else {
213 /* Do we have the selected user somewhere? */
214 $ui= ldap_login_user ($uid, $current_password);
215 if ($ui == NULL){
216 $message[]= _("");
217 } else {
218 /* Check acl... */
219 $ca= get_permissions ($ui->dn, $ui->subtreeACL);
220 $ca= get_module_permission($ca, "user", $ui->dn);
221 if (chkacl($ca, "password") != ""){
222 $message[]= _("You have no permissions to change your password.");
223 }
224 }
225 }
227 /* Do we need to show error messages? */
228 if (count ($message) != 0){
229 /* Show error message and continue editing */
230 show_errors($message);
231 } else {
233 /* Passed quality check, just try to change the password now */
234 $output= "";
235 if (isset($config->data['MAIN']['EXTERNALPWDHOOK'])){
236 exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".$ui->username." ".
237 $_POST['current_password']." ".$_POST['new_password'], $resarr);
238 if(count($resarr) > 0) {
239 $output= join('\n', $resarr);
240 }
241 }
242 if ($output != ""){
243 $message[]= _("External password changer reported a problem: ".$output);
244 show_errors($message);
245 } else {
246 if ($method != ""){
247 change_password ($ui->dn, $_POST['new_password'], 0, $method);
248 } else {
249 change_password ($ui->dn, $_POST['new_password']);
250 }
251 gosa_log ("User/password has been changed");
252 $smarty->assign("changed", true);
253 }
254 }
257 }
259 /* Parameter fill up */
260 $params= "";
261 foreach (array('uid', 'method', 'directory') as $index){
262 $params.= "&$index=".urlencode($$index);
263 }
264 $params= preg_replace('/^&/', '?', $params);
265 $smarty->assign('params', $params);
267 /* Fill template with required values */
268 $smarty->assign ('date', gmdate("D, d M Y H:i:s"));
269 $smarty->assign ('uid', $uid);
270 $smarty->assign ('password_img', get_template_path('images/password.png'));
272 /* Displasy SSL mode warning? */
273 if ($ssl != "" && $config->data['MAIN']['WARNSSL'] == 'true'){
274 $smarty->assign ("ssl", "<b>"._("Warning").":</b> "._("Session will not be encrypted.")." <a style=\"color:red;\" href=\"".htmlentities($ssl)."\"><b>"._("Enter SSL session")."</b></a>!");
275 } else {
276 $smarty->assign ("ssl", "");
277 }
279 /* show login screen */
280 $smarty->assign ("PHPSESSID", session_id());
281 if (isset($_SESSION['errors'])){
282 $smarty->assign("errors", $_SESSION['errors']);
283 }
284 if ($error_collector != ""){
285 $smarty->assign("php_errors", $error_collector."</div>");
286 } else {
287 $smarty->assign("php_errors", "");
288 }
290 displayPWchanger();
292 ?>
294 </body>
295 </html>
296 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: