index fae474500c3e70a29ccd64a61f9cb8f38b89ff5c..954231dfe3890fb26f4f2ac3bfc8018ab12c8700 100644 (file)
{
global $smarty;
+ $smarty->assign ("logo", image(get_template_path("images/logo.png")));
+ $smarty->assign ("date", date("l, dS F Y H:i:s O"));
$smarty->display(get_template_path('password.tpl'));
exit();
}
/* Parse configuration file */
$config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR);
-session::global_set('DEBUGLEVEL', $config->get_cfg_value("debuglevel"));
+
+/* Generate server list */
+$servers= array();
+foreach ($config->data['LOCATIONS'] as $key => $ignored) {
+ $servers[$key]= $key;
+}
+
+if (isset($_POST['server'])) {
+ $directory= get_post('server');
+}elseif (isset($_GET['directory'])) {
+ $directory= $_GET['directory'];
+} else {
+ $directory= $config->data['MAIN']['DEFAULT'];
+ if (!isset($servers[$directory])) {
+ $directory = key($servers);
+ }
+
+}
+
+// Set location and reload the configRegistry - we've now access to the ldap.
+if(isset($servers[$directory])){
+ $config->set_current($directory);
+ $config->check_and_reload();
+ $config->configRegistry->reload(TRUE);
+}
+session::global_set('plist', new pluglist($config, $ui));
+
+session::global_set('debugLevel', $config->get_cfg_value("core","debugLevel"));
if ($_SERVER["REQUEST_METHOD"] != "POST") {
@DEBUG(
DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config"
}
/* Set template compile directory */
-$smarty->compile_dir= $config->get_cfg_value(
- "templateCompileDirectory", '/var/spool/gosa'
-);
+$smarty->compile_dir= $config->get_cfg_value("core", "templateCompileDirectory");
/* Check for compile directory */
if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))) {
clean_smarty_compile_dir($smarty->compile_dir);
/* Language setup */
-if ($config->get_cfg_value("language") == "") {
+if ($config->get_cfg_value("core","language") == "") {
$lang= get_browser_language();
} else {
- $lang= $config->get_cfg_value("language");
+ $lang= $config->get_cfg_value("core","language");
}
$lang.=".UTF-8";
putenv("LANGUAGE=");
bindtextdomain($domain, LOCALE_DIR);
textdomain($domain);
-/* Generate server list */
-$servers= array();
-foreach ($config->data['LOCATIONS'] as $key => $ignored) {
- $servers[$key]= $key;
-}
-if (isset($_POST['server'])) {
- $directory= validate($_POST['server']);
-} else {
- $directory= $config->data['MAIN']['DEFAULT'];
-
- if (!isset($servers[$directory])) {
- $directory = key($servers);
- }
-}
$smarty->assign ("title","GOsa");
if (isset($_GET['directory']) && isset($servers[$_GET['directory']])) {
$smarty->assign("show_directory_chooser", false);
}
/* If SSL is forced, just forward to the SSL enabled site */
-if ($config->get_cfg_value("forcessl") == 'true' && $ssl != '') {
+if ($config->get_cfg_value("core","forceSSL") == 'true' && $ssl != '') {
header("Location: $ssl");
exit;
}
/* Check for selected password method */
-$method= $config->get_cfg_value("hash", "crypt/md5");
+$method= $config->get_cfg_value("core","passwordDefaultHash");
if (isset($_GET['method'])) {
$method= validate($_GET['method']);
- $tmp = new passwordMethod($config);
+ $tmp = new passwordMethod($config, "dummy");
$available = $tmp->get_available_methods();
if (!isset($available[$method])) {
msg_dialog::display(
$uid= validate($_GET['uid']);
$smarty->assign('display_username', false);
} elseif (isset($_POST['uid'])) {
- $uid= validate($_POST['uid']);
+ $uid= get_post('uid');
$smarty->assign('display_username', true);
} else {
$uid= "";
}
/* Password policy fulfilled? */
- if ($config->get_cfg_value("passwordMinDiffer") != "") {
- $l= $config->get_cfg_value("passwordMinDiffer");
+ if ($config->get_cfg_value("core","passwordMinDiffer") != "") {
+ $l= $config->get_cfg_value("core","passwordMinDiffer");
if (substr($_POST['current_password'], 0, $l) ==
substr($_POST['new_password'], 0, $l)) {
$message[]= _("The password used as new and current are too similar!");
}
}
- if ($config->get_cfg_value("passwordMinLength") != "") {
+ if ($config->get_cfg_value("core","passwordMinLength") != "") {
if (strlen($_POST['new_password']) <
- $config->get_cfg_value("passwordMinLength")) {
+ $config->get_cfg_value("core","passwordMinLength")) {
$message[]= _("The password used as new is to short!");
}
}
+ if(!passwordMethod::is_harmless($_POST['new_password'])){
+ $message[]= _("The password contains possibly problematic Unicode characters!");
+ }
/* Validate */
if (!tests::is_uid($uid)) {
/* Do we have the selected user somewhere? */
$ui= ldap_login_user($uid, $current_password);
+ /* Load ocMapping into userinfo */
+ $tmp= new acl($config, NULL, $ui->dn);
+ $ui->ocMapping= $tmp->ocMapping;
+
+
+ $ui->loadACL();
+
if ($ui === NULL) {
- $message[]= _("Please check the username/password combination.");
+ $message[]= _("Please check the username/password combination!");
} else {
$acls = $ui->get_permissions($ui->dn, "users/password");
if (!preg_match("/w/i", $acls)) {
- $message[]= _("You have no permissions to change your password.");
+ $message[]= _("You have no permissions to change your password!");
}
}
}
/* Passed quality check, just try to change the password now */
$output= "";
- if ($config->get_cfg_value("passwordHook") != "") {
+ if ($config->get_cfg_value("core","passwordHook") != "") {
exec(
- $config->get_cfg_value("passwordHook")." ".$ui->username." ".
+ $config->get_cfg_value("core","passwordHook")." ".$ui->username." ".
$_POST['current_password']." ".$_POST['new_password'],
$resarr
);
$smarty->assign('password_img', get_template_path('images/password.png'));
/* Displasy SSL mode warning? */
-if ($ssl != "" && $config->get_cfg_value("warnssl") == 'true') {
+if ($ssl != "" && $config->get_cfg_value("core","warnSSL") == 'true') {
$smarty->assign(
"ssl",
"<b>"._("Warning").":</b> "._("Session will not be encrypted.").