index 6c04fb525e204debfa9709179cffa16bc94fac16..0b93bf955c7b0ee690a05157dc36d29cca23c8d6 100644 (file)
// Once an error has occured it is stored here.
$message = array();
- // Call the check hook
- $attrs = array();
- $attrs['current_password'] = escapeshellarg($current_password);
- $attrs['new_password'] = escapeshellarg($new_password);
-
// Perform GOsa password policy checks
if(!tests::is_uid($uid)) {
$message[]= msgPool::invalid(_("Login"));
}
// Connect as the given user and load its ACLs
- $ui= ldap_login_user($uid, $current_password);
- if ($ui === NULL) {
- $message[]= _("Please check the username/password combination!");
- } else {
- $tmp= new acl($config, NULL, $ui->dn);
- $ui->ocMapping= $tmp->ocMapping;
- $ui->loadACL();
- $acls = $ui->get_permissions($ui->dn, "users/password");
- if (!preg_match("/w/i", $acls)) {
- $message[]= _("You have no permissions to change your password!");
+ if(!count($message)){
+ $ui= ldap_login_user($uid, $current_password);
+ if ($ui === NULL) {
+ $message[]= _("Please check the username/password combination!");
+ } else {
+ $tmp= new acl($config, NULL, $ui->dn);
+ $ui->ocMapping= $tmp->ocMapping;
+ $ui->loadACL();
+ $acls = $ui->get_permissions($ui->dn, "users/password");
+ if (!preg_match("/w/i", $acls)) {
+ $message[]= _("You have no permissions to change your password!");
+ }
+ }
+ }
+
+ // Call external check hook to validate the password change
+ if(!count($message)){
+ $attrs = array();
+ $attrs['current_password'] = ($current_password);
+ $attrs['new_password'] = ($new_password);
+ $checkRes = password::callCheckHook($config,$ui->dn,$attrs);
+ if(count($checkRes)){
+ $message[] = sprintf(_("Check-hook reported a problem: %s. Password change canceled!"),implode($checkRes));
}
}