Made return type clean.

[gosa.git] / include / class_password-methods.inc

diff --git a/include/class_password-methods.inc b/include/class_password-methods.inc
index c0ffba2b673fa44bdf3889d204122204e05679cd..e0b96c0dbafde5719ad5fb740092ca22a1bc5867 100644 (file)
--- a/include/class_password-methods.inc
+++ b/include/class_password-methods.inc
@@ -22,6 +22,7 @@
 class passwordMethod
 {
   var $config = false;
+  var $attrs= array();
 
   // Konstructor
   function passwordMethod($config)
@@ -94,6 +95,9 @@ function change_password ($dn, $password, $mode=0, $hash= "")
   global $config;
   $newpass= "";
 
+  /* Convert to lower. Methods are lowercase */
+  $hash= strtolower($hash);
+
   // Get all available encryption Methods 
 
   // NON STATIC CALL :)
@@ -102,14 +106,27 @@ function change_password ($dn, $password, $mode=0, $hash= "")
 
   // read current password entry for $dn, to detect the encryption Method
   $ldap       = $config->get_ldap_link();
-  $ldap->cat ($dn);
+  $ldap->cat ($dn, array("shadowLastChange", "userPassword", "uid"));
   $attrs      = $ldap->fetch ();
 
-  // Set encryption type to clear if required 
-  if (isset($attrs['userPassword'][0]) && preg_match('/^[^{}]+$/', $attrs['userPassword'][0]) && $hash == ""){
-    $hash= "clear";
+  // Check if user account was deactivated, indicated by ! after } ... {crypt}!###
+  if(isset($attrs['userPassword'][0]) && preg_match("/^[^\}]*+\}!/",$attrs['userPassword'][0])){
+    $deactivated = TRUE;
+  }else{
+    $deactivated = FALSE;
   }
 
+#  // Get current password hash method if available 
+#  if($hash == "" && isset($attrs['userPassword'][0]) && preg_match("/[\{\}]/",$attrs['userPassword'][0])){
+#    $hash = preg_replace("/^[^\{]*+\{([^\}]*).*$/","\\1",$attrs['userPassword'][0]);
+#    $hash = strtolower($hash);
+#  }
+
+#  // Set encryption type to clear if required 
+#  if (!isset($attrs['userPassword'][0]) || $hash == ""){
+#    $hash= "clear";
+#  }
+
   // Detect the encryption Method
   if ( (isset($attrs['userPassword'][0]) &&  preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) ||  $hash != ""){
 
@@ -124,6 +141,7 @@ function change_password ($dn, $password, $mode=0, $hash= "")
 
     // Crypt with the detected Method
     $test = new  $available[$hash]($config);
+    $test->attrs= $attrs;
     $newpass =  $test->generate_hash($password);
 
   } else {
@@ -154,12 +172,17 @@ function change_password ($dn, $password, $mode=0, $hash= "")
     $attrs= generate_smb_nt_hash($password);
   }
 
+  /* Readd ! if user was deactivated */
+  if($deactivated){
+    $newpass = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$newpass);
+  }
+
   $attrs['userPassword']= array();
   $attrs['userPassword']= $newpass;
 
-
   $ldap->modify($attrs);
-
+  
+  new log("modify","users/passwordMethod",$dn,array_keys($attrs),$ldap->get_error());
 
   if ($ldap->error != 'Success') {
     print_red(sprintf(_("Setting the password failed. LDAP server says '%s'."),