X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Fhtml%2Fpassword.php;h=0b93bf955c7b0ee690a05157dc36d29cca23c8d6;hb=90747e5966f031a8ab2ac19256c26cc037c838c2;hp=4880f71979a70960fb0a1a11a048c2858f6eb98c;hpb=4dc0b97ad56e93be970de300e5c298eae7fd4ec3;p=gosa.git
diff --git a/gosa-core/html/password.php b/gosa-core/html/password.php
index 4880f7197..0b93bf955 100644
--- a/gosa-core/html/password.php
+++ b/gosa-core/html/password.php
@@ -24,6 +24,8 @@ function displayPWchanger() { global $smarty; + $smarty->assign ("logo", image(get_template_path("images/logo.png"))); + $smarty->assign ("date", date("l, dS F Y H:i:s O")); $smarty->display(get_template_path('password.tpl')); exit(); }
@@ -68,6 +70,33 @@ if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)) { /* Parse configuration file */ $config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR); + +/* Generate server list */ +$servers= array(); +foreach ($config->data['LOCATIONS'] as $key => $ignored) { + $servers[$key]= $key; +} + +if (isset($_POST['server'])) { + $directory= get_post('server'); +}elseif (isset($_GET['directory'])) { + $directory= $_GET['directory']; +} else { + $directory= $config->data['MAIN']['DEFAULT']; + if (!isset($servers[$directory])) { + $directory = key($servers); + } + +} + +// Set location and reload the configRegistry - we've now access to the ldap. +if(isset($servers[$directory])){ + $config->set_current($directory); + $config->check_and_reload(); + $config->configRegistry->reload(TRUE); +} +session::global_set('plist', new pluglist($config, $ui)); + session::global_set('debugLevel', $config->get_cfg_value("core","debugLevel")); if ($_SERVER["REQUEST_METHOD"] != "POST") { @DEBUG(
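Review bot: `$directory= $_GET['directory'];` stores the request parameter unchecked, and the allow-list test `isset($servers[$directory])` further down only decides whether `set_current()` runs, so an unknown or non-string `directory` value leaves the page without a selected location while `$directory` still holds the caller's input. Do the membership test where the value is read, as the later `show_directory_chooser` code already does: `}elseif (isset($_GET['directory']) && is_string($_GET['directory']) && isset($servers[$_GET['directory']])) {`, so anything else falls through to the `MAIN`/`DEFAULT` branch. The `server` POST value deserves the same treatment. Separately, `new pluglist($config, $ui)` uses `$ui`, which this hunk never assigns; if nothing earlier in the file sets it, the plugin list is built from an undefined variable, so please confirm.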
@@ -112,20 +141,6 @@ $domain = 'messages'; bindtextdomain($domain, LOCALE_DIR); textdomain($domain); -/* Generate server list */ -$servers= array(); -foreach ($config->data['LOCATIONS'] as $key => $ignored) { - $servers[$key]= $key; -} -if (isset($_POST['server'])) { - $directory= validate($_POST['server']); -} else { - $directory= $config->data['MAIN']['DEFAULT']; - - if (!isset($servers[$directory])) { - $directory = key($servers); - } -} $smarty->assign ("title","GOsa"); if (isset($_GET['directory']) && isset($servers[$_GET['directory']])) { $smarty->assign("show_directory_chooser", false);
@@ -172,7 +187,7 @@ if ($config->get_cfg_value("core","forceSSL") == 'true' && $ssl != '') { $method= $config->get_cfg_value("core","passwordDefaultHash"); if (isset($_GET['method'])) { $method= validate($_GET['method']); - $tmp = new passwordMethod($config); + $tmp = new passwordMethod($config, "dummy"); $available = $tmp->get_available_methods(); if (!isset($available[$method])) { msg_dialog::display(
@@ -190,7 +205,7 @@ if (isset($_GET['uid']) && $_GET['uid'] != "") { $uid= validate($_GET['uid']); $smarty->assign('display_username', false); } elseif (isset($_POST['uid'])) { - $uid= validate($_POST['uid']); + $uid= get_post('uid'); $smarty->assign('display_username', true); } else { $uid= "";
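Review bot: After the change in the `@@ -190,7 +205,7 @@` hunk the two sources of `$uid` are read through different helpers, `validate($_GET['uid'])` and `get_post('uid')`, and neither call tells the reader what has been guaranteed about the value. The only format check visible in this patch is `tests::is_uid($uid)` inside the POST handler, so a comment here such as `// $uid is untrusted request input; it is only checked by tests::is_uid() in the apply handler` would keep later code from treating it as safe for templates or LDAP filters. The `if`/`elseif` chain continues outside this hunk.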
@@ -207,50 +222,47 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])) { session::global_set('_LAST_PAGE_REQUEST', time()); } - $message= array(); - $current_password= $_POST['current_password']; + // Get posted values + $current_password = get_post('current_password'); + $new_password = get_post('new_password'); + $repeated_password = get_post('new_password_repeated'); - /* Do new and repeated password fields match? */ - $new_password= $_POST['new_password']; - if ($_POST['new_password'] != $_POST['new_password_repeated']) { - $message[]= _("The values for 'New password' and 'Repeated new password' differ!"); - } else { - if ($_POST['new_password'] == "") { - $message[]= msgPool::required(_("New password")); - } - } - /* Password policy fulfilled? */ - if ($config->get_cfg_value("core","passwordMinDiffer") != "") { - $l= $config->get_cfg_value("core","passwordMinDiffer"); - if (substr($_POST['current_password'], 0, $l) == - substr($_POST['new_password'], 0, $l)) { - $message[]= _("The password used as new and current are too similar!"); - } - } - if ($config->get_cfg_value("core","passwordMinLength") != "") { - if (strlen($_POST['new_password']) < - $config->get_cfg_value("core","passwordMinLength")) { - $message[]= _("The password used as new is to short!"); - } - } - if(!passwordMethod::is_harmless($_POST['new_password'])){ - $message[]= _("The password contains possibly problematic unicode characters!"); - } + // Get configuration flags for further input checks. + $check_differ = $config->get_cfg_value("core","passwordMinDiffer") != ""; + $differ = $config->get_cfg_value("core","passwordMinDiffer"); + $check_length = $config->get_cfg_value("core","passwordMinLength") != ""; + $length = $config->get_cfg_value("core","passwordMinLength"); + + // Once an error has occured it is stored here. 
+ $message = array(); - /* Validate */ - if (!tests::is_uid($uid)) { + // Perform GOsa password policy checks + if(!tests::is_uid($uid)) { $message[]= msgPool::invalid(_("Login")); - } elseif (mb_strlen($_POST["current_password"], 'UTF-8') == 0) { - $message[]= msgPool::required(_("Current password")); - } else { + }elseif(empty($current_password)){ + $message[] = _("You need to specify your current password in order to proceed."); + }elseif($new_password != $repeated_password){ + $message[] = _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); + }elseif($new_password == ""){ + $message[] = _("The password you've entered as 'New password' is empty."); + }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){ + $message[] = _("The password used as new and current are too similar."); + }elseif($check_length && (strlen($new_password) < $length)){ + $message[] = _("The password used as new is to short."); + }elseif(!passwordMethod::is_harmless($new_password)){ + $message[] = _("The password contains possibly problematic Unicode characters!"); + } - /* Do we have the selected user somewhere? */ + // Connect as the given user and load its ACLs + if(!count($message)){ $ui= ldap_login_user($uid, $current_password); - if ($ui === NULL) { $message[]= _("Please check the username/password combination!"); } else { + $tmp= new acl($config, NULL, $ui->dn); + $ui->ocMapping= $tmp->ocMapping; + $ui->loadACL(); $acls = $ui->get_permissions($ui->dn, "users/password"); if (!preg_match("/w/i", $acls)) { $message[]= _("You have no permissions to change your password!"); 
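Review bot: The new policy chain compares passwords with loose operators: `$new_password != $repeated_password` and the `substr(...) == substr(...)` test for `passwordMinDiffer` both switch to numeric comparison when the two strings look numeric, so a constructed pair such as `1e3` and `1000` is accepted as matching. Use the strict forms, `}elseif($new_password !== $repeated_password){` and `===` between the two `substr()` calls. `empty($current_password)` also treats the string `"0"` as missing, which the removed `mb_strlen(...) == 0` test did not; `$current_password === ""` keeps the old behaviour. The enclosing `if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply']))` block opens above this hunk and closes below it.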
@@ -258,42 +270,29 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])) { } } - /* Do we need to show error messages? */ + // Call external check hook to validate the password change + if(!count($message)){ + $attrs = array(); + $attrs['current_password'] = ($current_password); + $attrs['new_password'] = ($new_password); + $checkRes = password::callCheckHook($config,$ui->dn,$attrs); + if(count($checkRes)){ + $message[] = sprintf(_("Check-hook reported a problem: %s. Password change canceled!"),implode($checkRes)); + } + } + + // Display error messages if (count($message) != 0) { - /* Show error message and continue editing */ msg_dialog::displayChecks($message); - } else { - - /* Passed quality check, just try to change the password now */ - $output= ""; - if ($config->get_cfg_value("core","passwordHook") != "") { - exec( - $config->get_cfg_value("core","passwordHook")." ".$ui->username." ". - $_POST['current_password']." ".$_POST['new_password'], - $resarr - ); - if (count($resarr) > 0) { - $output= join('\n', $resarr); - } - } - if ($output != "") { - $message[]= sprintf( - _("External password changer reported a problem: %s"), - $output - ); - msg_dialog::displayChecks($message); + } else + + // Try to change the password + if(!change_password($ui->dn, $_POST['new_password'], FALSE, $method,get_post('current_password'),$msg)){ + msg_dialog::displayChecks(array($msg)); } else { - if ($method != "") { - change_password($ui->dn, $_POST['new_password'], 0, $method); - } else { - change_password($ui->dn, $_POST['new_password']); - } gosa_log("User/password has been changed"); $smarty->assign("changed", true); } - } - - } /* Parameter fill up */
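Review bot: The value handed to `change_password()` is the raw `$_POST['new_password']`, not the `$new_password` that the policy checks and the check hook received, so if `get_post()` alters the value in any way the password that gets stored is not the one that was validated. Pass the variables that were already read: `if(!change_password($ui->dn, $new_password, FALSE, $method, $current_password, $msg)){`. The `} else` in front of it has no brace and depends on the following `if`/`else` being a single statement; `} elseif(!change_password(...)) {` would make the structure explicit. Only the success path calls `gosa_log()`, and recording the failed attempt as well would help when reviewing password-change abuse. The surrounding POST handler opens outside this hunk.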