refreshProposal(); if($this->proposal != ""){ $this->proposalSelected = TRUE; } } function forceHash($hash) { $this->forcedHash = $hash; } function refreshProposal() { $this->proposal = passwordMethod::getPasswordProposal($this->config); $this->proposalEnabled = (!empty($this->proposal)); } function execute() { plugin::execute(); $smarty = get_smarty(); $smarty->assign("usePrototype", "true"); $ui = get_userinfo(); /* Get acls */ $password_ACLS = $ui->get_permissions($ui->dn,"users/password"); $smarty->assign("ChangeACL" , $password_ACLS); $smarty->assign("NotAllowed" , !preg_match("/w/i",$password_ACLS)); /* Display expiration template */ $smarty->assign("passwordExpired", FALSE); if ($this->config->get_cfg_value("handleExpiredAccounts") == "true"){ $expired= ldap_expired_account($this->config, $ui->dn, $ui->username); $smarty->assign("passwordExpired", $expired & POSIX_FORCE_PASSWORD_CHANGE); if($expired == POSIX_DISALLOW_PASSWORD_CHANGE){ return($smarty->fetch(get_template_path("nochange.tpl", TRUE))); } } // Refresh proposal if requested if(isset($_POST['refreshProposal'])) $this->refreshProposal(); if(isset($_POST['proposalSelected'])) $this->proposalSelected = get_post('proposalSelected') == 1; $smarty->assign("proposal" , $this->proposal); $smarty->assign("proposalEnabled" , $this->proposalEnabled); $smarty->assign("proposalSelected" , $this->proposalSelected); /* Pwd change requested */ if (isset($_POST['password_finish'])){ if($this->proposalSelected){ $current_password = get_post('current_password'); $new_password = $this->proposal; $repeated_password = $this->proposal; }else{ $current_password = get_post('current_password'); $new_password = get_post('new_password'); $repeated_password = get_post('repeated_password'); } /* Should we check different characters in new password */ $check_differ = $this->config->get_cfg_value("passwordMinDiffer") != ""; $differ = $this->config->get_cfg_value("passwordMinDiffer", 0); /* Enable length check ? */ $check_length = $this->config->get_cfg_value("passwordMinLength") != ""; $length = $this->config->get_cfg_value("passwordMinLength", 0); // Perform GOsa password policy checks $message = array(); if(empty($current_password)){ $message[] = _("You need to specify your current password in order to proceed."); }elseif($new_password != $repeated_password){ $message[] = _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); }elseif($new_password == ""){ $message[] = _("The password you've entered as 'New password' is empty."); }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){ $message[] = _("The password used as new and current are too similar."); }elseif($check_length && (strlen($new_password) < $length)){ $message[] = _("The password used as new is to short."); #}elseif(!passwordMethod::is_harmless($new_password)){ # $message[] = _("The password contains possibly problematic Unicode characters!"); } /* Call external password quality hook ?*/ if(!count($message)){ $check_hook = $this->config->get_cfg_value("passwordHook") != ""; $hook = $this->config->get_cfg_value("passwordHook")." ". escapeshellarg($ui->username)." ".escapeshellarg($current_password)." ".escapeshellarg($new_password); if($check_hook){ exec($hook,$resarr); $check_hook_output = ""; if(count($resarr) > 0) { $check_hook_output= join('\n', $resarr); } if(!empty($check_hook_output)){ $message[] = sprintf(_("Check-hook reported a problem: %s. Password change canceled!"),$check_hook_output); } } } // Some errors/warning occured, display them and abort password change. if(count($message)){ msg_dialog::displayChecks($message); }else{ /* Try to connect via current password */ $tldap = new LDAP( $ui->dn, $current_password, $this->config->current['SERVER'], $this->config->get_cfg_value("ldapFollowReferrals") == "true", $this->config->get_cfg_value("ldapTLS") == "true"); /* connection Successfull ? */ if (!$tldap->success()){ msg_dialog::display(_("Password change"), _("The password you've entered as your current password doesn't match the real one."),WARNING_DIALOG); }else{ /* Check GOsa permissions */ if (!preg_match("/w/i",$password_ACLS)){ msg_dialog::display(_("Password change"), _("You have no permission to change your password."),WARNING_DIALOG); }else{ $this->change_password($ui->dn, $new_password,$this->forcedHash); gosa_log ("User/password has been changed"); $ui->password= $new_password; session::set('ui',$ui); #$this->handle_post_events("modify",array("userPassword" => $new_password)); return($smarty->fetch(get_template_path("changed.tpl", TRUE))); } } } } return($smarty->fetch(get_template_path("password.tpl", TRUE))); } function change_password($dn, $pwd, $hash) { if(!$hash){ change_password ($dn, $pwd); }else{ change_password ($dn, $pwd,0, $hash); } } function remove_from_parent() { $this->handle_post_events("remove"); } function save() { } static function plInfo() { return (array( "plDescription" => _("User password"), "plSelfModify" => TRUE, "plDepends" => array("user"), "plPriority" => 10, "plSection" => array("personal" => _("My account")), "plCategory" => array("users"), "plOptions" => array(), "plProvidedAcls" => array()) ); } } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>