index b830351f68b18ddb8efa34bbb4c703cacf4ccf19..8307b6e63ee5c6996ef2a3821aad4484ccd1dec5 100644 (file)
msg_dialog::display(_("Internal error"), sprintf(_("File %s cannot be deleted!"), bold($directory."/".$file)), ERROR_DIALOG);
// This should never be reached
}
- } elseif(is_dir($directory."/".$file) &&
- is_writable($directory."/".$file)) {
- // Just recursively delete it
- rmdirRecursive($directory."/".$file);
- }
+ }
}
// We should now create a fresh revision file
clean_smarty_compile_dir($directory);
@@ -3005,20 +3001,22 @@ function change_password ($dn, $password, $mode=FALSE, $hash= "", $old_password
{
global $config;
$newpass= "";
+
+ // Not sure, why this is here, but maybe some encryption methods require it.
mt_srand((double) microtime()*1000000);
// Get a list of all available password encryption methods.
$methods = new passwordMethod(session::get('config'),$dn);
$available = $methods->get_available_methods();
- // Fetch the current object data, to be able to detect the current hashinf method
- // and to be able to rollback changes once an error occured.
+ // Fetch the current object data, to be able to detect the current hashing method
+ // and to be able to rollback changes once has an error occured.
$ldap = $config->get_ldap_link();
$ldap->cat ($dn, array("shadowLastChange", "userPassword","sambaNTPassword","sambaLMPassword", "uid"));
$attrs = $ldap->fetch ();
$initialAttrs = $attrs;
- // If no hashing method is enforced, then detect what method we've use here.
+ // If no hashing method is enforced, then detect what method we've to use.
$hash = strtolower($hash);
if(empty($hash)){
@@ -3029,8 +3027,8 @@ function change_password ($dn, $password, $mode=FALSE, $hash= "", $old_password
$test->set_hash($hash);
}
- // If we've still no valid hashing method detected, then try to extract if from the current password hash.
- if(isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)){
+ // If we've still no valid hashing method detected, then try to extract if from the userPassword attribute.
+ elseif(isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)){
$test = passwordMethod::get_method($attrs['userPassword'][0],$dn);
$hash = $test->get_hash_name();
}
@@ -3044,12 +3042,12 @@ function change_password ($dn, $password, $mode=FALSE, $hash= "", $old_password
$test->set_hash($hash);
}
- // We've now a valid password method handle and can create the new password hash.
+ // We've now a valid password-method-handle and can create the new password hash or don't we?
if(!$test instanceOf passwordMethod){
$message = _("Cannot detect password hash!");
}else{
- // Feed password backends with information
+ // Feed password backends with object information.
$test->dn = $dn;
$test->attrs = $attrs;
$newpass= $test->generate_hash($password);
@@ -3068,15 +3066,24 @@ function change_password ($dn, $password, $mode=FALSE, $hash= "", $old_password
// Write back the new password hash
$ldap->cd($dn);
- $attrs['userPassword']= array();
$attrs['userPassword']= $newpass;
- // Prepare prevent hook call
- $attrsPre = $attrs;
- $attrsPre['current_password'] = $old_password;
- $attrsPre['new_password'] = $password;
+ // Prepare a special attribute list, which will be used for event hook calls
+ $attrsEvent = array();
+ foreach($initialAttrs as $name => $value){
+ if(!is_numeric($name))
+ $attrsEvent[$name] = escapeshellarg($value[0]);
+ }
+ $attrsEvent['dn'] = escapeshellarg($initialAttrs['dn']);
+ foreach($attrs as $name => $value){
+ $attrsEvent[$name] = escapeshellarg($value);
+ }
+ $attrsEvent['current_password'] = escapeshellarg($old_password);
+ $attrsEvent['new_password'] = escapeshellarg($password);
+
+ // Call the premodify hook now
$passwordPlugin = new password($config,$dn);
- plugin::callHook($passwordPlugin, 'PREMODIFY', $attrs, $output,$retCode,$error, $directlyPrintError = FALSE);
+ plugin::callHook($passwordPlugin, 'PREMODIFY', $attrsEvent, $output,$retCode,$error, $directlyPrintError = FALSE);
if($retCode === 0 && count($output)){
$message = sprintf(_("Pre-event hook reported a problem: %s. Password change canceled!"),implode($output));
return(FALSE);
@@ -3091,7 +3098,7 @@ function change_password ($dn, $password, $mode=FALSE, $hash= "", $old_password
$test->lock_account($config,$dn);
}
- // Check if everythin went fine and then call the post event hooks.
+ // Check if everything went fine and then call the post event hooks.
// If an error occures, then try to rollback the complete actions done.
$preRollback = FALSE;
$ldapRollback = FALSE;
@@ -3113,14 +3120,10 @@ function change_password ($dn, $password, $mode=FALSE, $hash= "", $old_password
}else{
// Execute the password hook
- plugin::callHook($passwordPlugin, 'POSTMODIFY', $attrs, $output,$retCode,$error, $directlyPrintError = FALSE);
+ plugin::callHook($passwordPlugin, 'POSTMODIFY', $attrsEvent, $output,$retCode,$error, $directlyPrintError = FALSE);
if($retCode === 0){
if(count($output)){
- new log("modify","users/passwordMethod",$dn,array(),"Password change - Post mdoify hook reported! - FAILED!");
- $attrs = array();
- $attrs['userPassword'] = escapeshellarg($password);
- $attrs['current_password'] = escapeshellarg($password);
- $attrs['old_password'] = escapeshellarg($old_password);
+ new log("modify","users/passwordMethod",$dn,array(),"Password change - Post modify hook reported! - FAILED!");
$message = sprintf(_("Post-event hook reported a problem: %s. Password change canceled!"),implode($output));
$ldapRollback = TRUE;
$preRollback = TRUE;
@@ -3142,19 +3145,23 @@ function change_password ($dn, $password, $mode=FALSE, $hash= "", $old_password
}
}
- // Setting password in the ldap database or further operation failed, we should now execute
- // the plugins post-event hook, using switched passwords new/old password.
+ // Setting the password in the ldap database or further operation failed, we should now execute
+ // the plugins pre-event hook, using switched passwords, new/old password.
// This ensures that passwords which were set outside of GOsa, will be reset to its
// starting value.
- if($preRollback && !empty($old_password)){
- new log("modify","users/passwordMethod",$dn,array(),"Rolling back postmodify hook!");
- $attrs = array();
- $attrs['current_password'] = escapeshellarg($password);
- $attrs['new_password'] = escapeshellarg($old_password);
- plugin::callHook($passwordPlugin, 'POSTMODIFY', $attrs, $output,$retCode,$error, $directlyPrintError = FALSE);
+ if($preRollback){
+ new log("modify","users/passwordMethod",$dn,array(),"Rolling back premodify hook!");
+ $oldpass= $test->generate_hash($old_password);
+ $attrsEvent['current_password'] = escapeshellarg($password);
+ $attrsEvent['new_password'] = escapeshellarg($old_password);
+ foreach(array("userPassword","sambaNTPassword","sambaLMPassword") as $attr){
+ if(isset($initialAttrs[$attr][0])) $attrsEvent[$attr] = $initialAttrs[$attr][0];
+ }
+
+ plugin::callHook($passwordPlugin, 'PREMODIFY', $attrsEvent, $output,$retCode,$error, $directlyPrintError = FALSE);
if($retCode === 0 && count($output)){
- $message = sprintf(_("Post-event hook reported a problem: %s. Password change canceled!"),implode($output));
- new log("modify","users/passwordMethod",$dn,array(),"Rolling back postmodify hook! - FAILED!");
+ $message = sprintf(_("Pre-event hook reported a problem: %s. Password change canceled!"),implode($output));
+ new log("modify","users/passwordMethod",$dn,array(),"Rolling back premodify hook! - FAILED!");
}
}
@@ -3164,7 +3171,7 @@ function change_password ($dn, $password, $mode=FALSE, $hash= "", $old_password
new log("modify","users/passwordMethod",$dn,array(),"Rolling back ldap modifications!");
$attrs = array();
foreach(array("userPassword","sambaNTPassword","sambaLMPassword") as $attr){
- $attrs[$attr] = $initialAttrs[$attr][0];
+ if(isset($initialAttrs[$attr][0])) $attrs[$attr] = $initialAttrs[$attr][0];
}
$ldap->cd($dn);
$ldap->modify($attrs);