![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b05e233)
raw | patch | inline | side by side (parent: b05e233)
| author | cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Thu, 25 Mar 2010 09:52:28 +0000 (09:52 +0000) | ||
| committer | cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Thu, 25 Mar 2010 09:52:28 +0000 (09:52 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@17197 594d385d-05f5-0310-b6e9-bd551577e9d8
| gosa-core/html/index.php | patch | blob | history | |
| gosa-core/html/password.php | patch | blob | history |
index 96f29ae922a3d60733d1a3a5b62d83e0770b7825..31eb1ad16000d25f3f8d533ba72037c103c6a08e 100644 (file)
--- a/gosa-core/html/index.php
+++ b/gosa-core/html/index.php
<?php
-/*
+/**
* This code is part of GOsa (http://www.gosa-project.org)
* Copyright (C) 2003-2008 GONICUS GmbH
*
*/
/* Load required includes */
-require_once ("../include/php_setup.inc");
-require_once ("functions.inc");
-require_once ("class_log.inc");
+require_once "../include/php_setup.inc";
+require_once "functions.inc";
+require_once "class_log.inc";
header("Content-type: text/html; charset=UTF-8");
*/
function displayLogin()
{
- global $smarty,$message,$config,$ssl,$error_collector, $BASE_DIR;
- error_reporting(E_ALL | E_STRICT);
-
- /* Check theme compatibility */
- $theme= $config->get_cfg_value('theme', 'default');
- if (file_exists("$BASE_DIR/ihtml/themes/$theme/blacklist")) {
- $blocks= file("$BASE_DIR/ihtml/themes/$theme/blacklist");
- foreach ($blocks as $block) {
- if (preg_match('/'.preg_quote($block).'/', $_SERVER['HTTP_USER_AGENT'])) {
- die(sprintf(_("Your browser (%s) is blacklisted for the current theme."), $block));
- }
+ global $smarty,$message,$config,$ssl,$error_collector, $BASE_DIR;
+ error_reporting(E_ALL | E_STRICT);
+
+ /* Check theme compatibility */
+ $theme= $config->get_cfg_value('theme', 'default');
+ if (file_exists("$BASE_DIR/ihtml/themes/$theme/blacklist")) {
+ $blocks= file("$BASE_DIR/ihtml/themes/$theme/blacklist");
+ foreach ($blocks as $block) {
+ if (preg_match('/'.preg_quote($block).'/', $_SERVER['HTTP_USER_AGENT'])) {
+ die(sprintf(_("Your browser (%s) is blacklisted for the current theme."), $block));
+ }
+ }
}
- }
-
- /* Fill template with required values */
- $username = "";
- if(isset($_POST["username"])){
- $username= $_POST["username"];
- }
- $smarty->assign ("logo", image(get_template_path("images/logo.png")));
- $smarty->assign ('date', gmdate("D, d M Y H:i:s"));
- $smarty->assign ('username', $username);
- $smarty->assign ('personal_img', get_template_path('images/login-head.png'));
- $smarty->assign ('password_img', get_template_path('images/password.png'));
- $smarty->assign ('directory_img', get_template_path('images/ldapserver.png'));
-
- /* Some error to display? */
- if (!isset($message)){
- $message= "";
- }
- $smarty->assign ("message", $message);
-
- /* Displasy SSL mode warning? */
- if ($ssl != "" && $config->get_cfg_value('warnssl') == 'true'){
- $smarty->assign ("ssl", sprintf(_("This session is not ecrypted. Click %s to enter an encrypted session."), "<a href=\"$ssl\">"._("here")."</a>"));
- } else {
- $smarty->assign ("ssl", "");
- }
-
- if(!$config->check_session_lifetime()){
- $smarty->assign ("lifetime", _("The session lifetime configured in your gosa.conf will be overridden by php.ini settings."));
- }else{
- $smarty->assign ("lifetime", "");
- }
-
- /* Generate server list */
- $servers= array();
- if (isset($_POST['server'])){
- $selected= validate($_POST['server']);
- } else {
- $selected= $config->data['MAIN']['DEFAULT'];
- }
- foreach ($config->data['LOCATIONS'] as $key => $ignored){
- $servers[$key]= $key;
- }
- $smarty->assign ("server_options", $servers);
- $smarty->assign ("server_id", $selected);
- /* show login screen */
- $smarty->assign ("PHPSESSID", session_id());
- if (session::is_set('errors')){
- $smarty->assign("errors", session::get('errors'));
- }
- if ($error_collector != ""){
- $smarty->assign("php_errors", $error_collector."</div>");
- } else {
- $smarty->assign("php_errors", "");
- }
- $smarty->assign("msg_dialogs", msg_dialog::get_dialogs());
- $smarty->assign("iePngWorkaround", $config->get_cfg_value("iePngWorkaround","false" ) == "true");
- $smarty->assign("usePrototype", "false");
- $smarty->display (get_template_path('headers.tpl'));
- $smarty->assign("version",get_gosa_version());
- $smarty->display(get_template_path('login.tpl'));
- exit();
+ /* Fill template with required values */
+ $username = "";
+ if(isset($_POST["username"])) {
+ $username= $_POST["username"];
+ }
+ $smarty->assign("logo", image(get_template_path("images/logo.png")));
+ $smarty->assign('date', gmdate("D, d M Y H:i:s"));
+ $smarty->assign('username', $username);
+ $smarty->assign('personal_img', get_template_path('images/login-head.png'));
+ $smarty->assign('password_img', get_template_path('images/password.png'));
+ $smarty->assign('directory_img', get_template_path('images/ldapserver.png'));
+
+ /* Some error to display? */
+ if (!isset($message)) {
+ $message= "";
+ }
+ $smarty->assign("message", $message);
+
+ /* Displasy SSL mode warning? */
+ if ($ssl != "" && $config->get_cfg_value('warnssl') == 'true') {
+ $smarty->assign("ssl", sprintf(_("This session is not ecrypted. Click %s to enter an encrypted session."), "<a href=\"$ssl\">"._("here")."</a>"));
+ } else {
+ $smarty->assign("ssl", "");
+ }
+
+ if(!$config->check_session_lifetime()) {
+ $smarty->assign ("lifetime", _("The session lifetime configured in your gosa.conf will be overridden by php.ini settings."));
+ } else {
+ $smarty->assign ("lifetime", "");
+ }
+
+ /* Generate server list */
+ $servers= array();
+ if (isset($_POST['server'])) {
+ $selected= validate($_POST['server']);
+ } else {
+ $selected= $config->data['MAIN']['DEFAULT'];
+ }
+ foreach ($config->data['LOCATIONS'] as $key => $ignored) {
+ $servers[$key]= $key;
+ }
+ $smarty->assign ("server_options", $servers);
+ $smarty->assign ("server_id", $selected);
+
+ /* show login screen */
+ $smarty->assign ("PHPSESSID", session_id());
+ if (session::is_set('errors')) {
+ $smarty->assign("errors", session::get('errors'));
+ }
+ if ($error_collector != "") {
+ $smarty->assign("php_errors", $error_collector."</div>");
+ } else {
+ $smarty->assign("php_errors", "");
+ }
+ $smarty->assign("msg_dialogs", msg_dialog::get_dialogs());
+ $smarty->assign("iePngWorkaround", $config->get_cfg_value("iePngWorkaround","false" ) == "true");
+ $smarty->assign("usePrototype", "false");
+ $smarty->display (get_template_path('headers.tpl'));
+ $smarty->assign("version",get_gosa_version());
+ $smarty->display(get_template_path('login.tpl'));
+ exit();
}
*****************************************************************************/
/* Set error handler to own one, initialize time calculation
- and start session. */
+and start session. */
session::start();
session::set('errorsAlreadyPosted',array());
/* Destroy old session if exists.
- Else you will get your old session back, if you not logged out correctly. */
-if(is_array(session::get_all()) && count(session::get_all())){
- session::destroy();
- session::start();
+Else you will get your old session back, if you not logged out correctly. */
+if(is_array(session::get_all()) && count(session::get_all())) {
+ session::destroy();
+ session::start();
}
$username= "";
session::set('LastError',"");
/* Check if we need to run setup */
-if (!file_exists(CONFIG_DIR."/".CONFIG_FILE)){
- header("location:setup.php");
- exit();
+if (!file_exists(CONFIG_DIR."/".CONFIG_FILE)) {
+ header("location:setup.php");
+ exit();
}
/* Reset errors */
/* Check for java script */
if(isset($_POST['javascript']) && $_POST['javascript'] == "true") {
- session::global_set('js',TRUE);
+ session::global_set('js',TRUE);
}elseif(isset($_POST['javascript'])) {
- session::global_set('js',FALSE);
+ session::global_set('js',FALSE);
}
/* Check if gosa.conf (.CONFIG_FILE) is accessible */
-if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)){
- msg_dialog::display(_("Configuration error"),sprintf(_("GOsa configuration %s/%s is not readable. Aborted."), CONFIG_DIR,CONFIG_FILE),FATAL_ERROR_DIALOG);
- exit();
+if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)) {
+ msg_dialog::display(_("Configuration error"),sprintf(_("GOsa configuration %s/%s is not readable. Aborted."), CONFIG_DIR,CONFIG_FILE),FATAL_ERROR_DIALOG);
+ exit();
}
/* Parse configuration file */
$config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR);
session::global_set('DEBUGLEVEL',$config->get_cfg_value('DEBUGLEVEL'));
-if ($_SERVER["REQUEST_METHOD"] != "POST"){
- @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
+if ($_SERVER["REQUEST_METHOD"] != "POST") {
+ @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
}
/* Enable compressed output */
-if ($config->get_cfg_value("sendCompressedOutput") != ""){
- ob_start("ob_gzhandler");
+if ($config->get_cfg_value("sendCompressedOutput") != "") {
+ ob_start("ob_gzhandler");
}
/* Set template compile directory */
$smarty->compile_dir= $config->get_cfg_value("templateCompileDirectory", '/var/spool/gosa');
/* Check for compile directory */
-if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))){
- msg_dialog::display(_("Smarty error"),sprintf(_("Directory '%s' specified as compile directory is not accessible!"),
+if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))) {
+ msg_dialog::display(_("Smarty error"),sprintf(_("Directory '%s' specified as compile directory is not accessible!"),
$smarty->compile_dir),FATAL_ERROR_DIALOG);
- exit();
+ exit();
}
/* Check for old files in compile directory */
textdomain($domain);
$smarty->assign ('nextfield', 'username');
-if ($_SERVER["REQUEST_METHOD"] != "POST"){
- @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to");
+if ($_SERVER["REQUEST_METHOD"] != "POST") {
+ @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to");
}
if (!isset($_SERVER['HTTPS']) ||
!stristr($_SERVER['HTTPS'], "on")) {
- if (empty($_SERVER['REQUEST_URI'])) {
- $ssl= "https://".$_SERVER['HTTP_HOST'].
- $_SERVER['PATH_INFO'];
- } else {
- $ssl= "https://".$_SERVER['HTTP_HOST'].
- $_SERVER['REQUEST_URI'];
- }
-}
+ if (empty($_SERVER['REQUEST_URI'])) {
+ $ssl= "https://".$_SERVER['HTTP_HOST'].
+ $_SERVER['PATH_INFO'];
+ } else {
+ $ssl= "https://".$_SERVER['HTTP_HOST'].
+ $_SERVER['REQUEST_URI'];
+ }
+ }
/* If SSL is forced, just forward to the SSL enabled site */
-if ($config->get_cfg_value("forcessl") == 'true' && $ssl != ''){
- header ("Location: $ssl");
- exit;
+if ($config->get_cfg_value("forcessl") == 'true' && $ssl != '') {
+ header ("Location: $ssl");
+ exit;
}
/* Do we have htaccess authentification enabled? */
$htaccess_authenticated= FALSE;
-if ($config->get_cfg_value("htaccessAuthentication") == "true" ){
- if (!isset($_SERVER['REMOTE_USER'])){
- msg_dialog::display(_("Configuration error"), _("There is a problem with the authentication setup!"), FATAL_ERROR_DIALOG);
- exit;
- }
+if ($config->get_cfg_value("htaccessAuthentication") == "true" ) {
+ if (!isset($_SERVER['REMOTE_USER'])) {
+ msg_dialog::display(_("Configuration error"), _("There is a problem with the authentication setup!"), FATAL_ERROR_DIALOG);
+ exit;
+ }
- $tmp= process_htaccess($_SERVER['REMOTE_USER'], isset($_SERVER['KRB5CCNAME']));
- $username= $tmp['username'];
- $server= $tmp['server'];
- if ($username == ""){
- msg_dialog::display(_("Error"), _("Cannot find a valid user for the current authentication setup!"), FATAL_ERROR_DIALOG);
- exit;
- }
- if ($server == ""){
- msg_dialog::display(_("Error"), _("User information is not unique accross the configured LDAP trees!"), FATAL_ERROR_DIALOG);
- exit;
- }
+ $tmp= process_htaccess($_SERVER['REMOTE_USER'], isset($_SERVER['KRB5CCNAME']));
+ $username= $tmp['username'];
+ $server= $tmp['server'];
+ if ($username == "") {
+ msg_dialog::display(_("Error"), _("Cannot find a valid user for the current authentication setup!"), FATAL_ERROR_DIALOG);
+ exit;
+ }
+ if ($server == "") {
+ msg_dialog::display(_("Error"), _("User information is not unique accross the configured LDAP trees!"), FATAL_ERROR_DIALOG);
+ exit;
+ }
- $htaccess_authenticated= TRUE;
+ $htaccess_authenticated= TRUE;
}
/* Got a formular answer, validate and try to log in */
-if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htaccess_authenticated){
-
- /* Reset error messages */
- $message= "";
-
- /* Destroy old sessions, they cause a successfull login to relog again ...*/
- if(session::global_is_set('_LAST_PAGE_REQUEST')){
- session::global_set('_LAST_PAGE_REQUEST',time());
- }
-
- if (!$htaccess_authenticated){
- $server= validate($_POST["server"]);
- }
- $config->set_current($server);
-
- /* Admin-logon and verify */
- $ldap = $config->get_ldap_link();
- if (is_null($ldap) || (is_int($ldap) && $ldap == 0)){
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
- displayLogin();
- exit();
- }
-
- /* Check for schema file presence */
- if ($config->get_cfg_value("schemaCheck") == "true"){
- $recursive = ($config->get_cfg_value("ldapFollowReferrals") == "true");
- $tls = ($config->get_cfg_value("ldapTLS") == "true");
-
- if(!count($ldap->get_objectclasses())){
- msg_dialog::display(_("LDAP error"), _("Cannot detect information about the installed LDAP schema!"), ERROR_DIALOG);
- displayLogin();
- exit() ;
- }else{
- $cfg = array();
- $cfg['admin'] = $config->current['ADMINDN'];
- $cfg['password'] = $config->current['ADMINPASSWORD'];
- $cfg['connection']= $config->current['SERVER'];
- $cfg['tls'] = $tls;
- $str = check_schema($cfg, $config->get_cfg_value("rfc2307bis") == "true");
- $checkarr = array();
- foreach($str as $tr){
- if(isset($tr['IS_MUST_HAVE']) && !$tr['STATUS']){
- msg_dialog::display(_("LDAP error"), _("Your LDAP setup contains old schema definitions:")."<br><br><i>".$tr['MSG']."</i>", ERROR_DIALOG);
- displayLogin();
- exit();
- }
- }
+if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htaccess_authenticated) {
+
+ /* Reset error messages */
+ $message= "";
+
+ /* Destroy old sessions, they cause a successfull login to relog again ...*/
+ if(session::global_is_set('_LAST_PAGE_REQUEST')) {
+ session::global_set('_LAST_PAGE_REQUEST',time());
+ }
+
+ if (!$htaccess_authenticated) {
+ $server= validate($_POST["server"]);
}
- }
-
- /* Check for locking area */
- $ldap->cat($config->get_cfg_value("config"), array("dn"));
- $attrs= $ldap->fetch();
- if (!count ($attrs)){
- $ldap->cd($config->current['BASE']);
- $ldap->create_missing_trees($config->get_cfg_value("config"));
- }
-
- /* Check for valid input */
- $ok= true;
- if (!$htaccess_authenticated){
- $username= $_POST["username"];
- if (!preg_match("/^[@A-Za-z0-9_.-]+$/", $username)){
- $message= _("Please specify a valid username!");
- $ok= false;
- } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0){
- $message= _("Please specify your password!");
- $smarty->assign ('nextfield', 'password');
- $ok= false;
+ $config->set_current($server);
+
+ /* Admin-logon and verify */
+ $ldap = $config->get_ldap_link();
+ if (is_null($ldap) || (is_int($ldap) && $ldap == 0)) {
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
+ displayLogin();
+ exit();
}
- }
- if ($ok) {
+ /* Check for schema file presence */
+ if ($config->get_cfg_value("schemaCheck") == "true") {
+ $recursive = ($config->get_cfg_value("ldapFollowReferrals") == "true");
+ $tls = ($config->get_cfg_value("ldapTLS") == "true");
+
+ if(!count($ldap->get_objectclasses())) {
+ msg_dialog::display(_("LDAP error"), _("Cannot detect information about the installed LDAP schema!"), ERROR_DIALOG);
+ displayLogin();
+ exit() ;
+ }else{
+ $cfg = array();
+ $cfg['admin'] = $config->current['ADMINDN'];
+ $cfg['password'] = $config->current['ADMINPASSWORD'];
+ $cfg['connection']= $config->current['SERVER'];
+ $cfg['tls'] = $tls;
+ $str = check_schema($cfg, $config->get_cfg_value("rfc2307bis") == "true");
+ $checkarr = array();
+ foreach($str as $tr) {
+ if(isset($tr['IS_MUST_HAVE']) && !$tr['STATUS']) {
+ msg_dialog::display(_("LDAP error"), _("Your LDAP setup contains old schema definitions:")."<br><br><i>".$tr['MSG']."</i>", ERROR_DIALOG);
+ displayLogin();
+ exit();
+ }
+ }
+ }
+ }
- /* Login as user, initialize user ACL's */
- if ($htaccess_authenticated){
- $ui= ldap_login_user_htaccess($username);
- if ($ui === NULL || !$ui){
- msg_dialog::display(_("Authentication error"), _("Cannot retrieve user information for htaccess authentication!"), FATAL_ERROR_DIALOG);
- exit;
- }
- } else {
- $ui= ldap_login_user($username, $_POST["password"]);
+ /* Check for locking area */
+ $ldap->cat($config->get_cfg_value("config"), array("dn"));
+ $attrs= $ldap->fetch();
+ if (!count ($attrs)) {
+ $ldap->cd($config->current['BASE']);
+ $ldap->create_missing_trees($config->get_cfg_value("config"));
+ }
+
+ /* Check for valid input */
+ $ok= true;
+ if (!$htaccess_authenticated) {
+ $username= $_POST["username"];
+ if (!preg_match("/^[@A-Za-z0-9_.-]+$/", $username)) {
+ $message= _("Please specify a valid username!");
+ $ok= false;
+ } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0) {
+ $message= _("Please specify your password!");
+ $smarty->assign ('nextfield', 'password');
+ $ok= false;
+ }
}
- if ($ui === NULL || !$ui){
- $message= _("Please check the username/password combination.");
- $smarty->assign ('nextfield', 'password');
- session::global_set('config',$config);
- new log("security","login","",array(),"Authentication failed for user \"$username\"");
- } else {
- /* Remove all locks of this user */
- del_user_locks($ui->dn);
- /* Save userinfo and plugin structure */
- session::global_set('ui',$ui);
- session::global_set('session_cnt',0);
+ if ($ok) {
+
+ /* Login as user, initialize user ACL's */
+ if ($htaccess_authenticated) {
+ $ui= ldap_login_user_htaccess($username);
+ if ($ui === NULL || !$ui) {
+ msg_dialog::display(_("Authentication error"), _("Cannot retrieve user information for htaccess authentication!"), FATAL_ERROR_DIALOG);
+ exit;
+ }
+ } else {
+ $ui= ldap_login_user($username, $_POST["password"]);
+ }
+ if ($ui === NULL || !$ui) {
+ $message= _("Please check the username/password combination.");
+ $smarty->assign ('nextfield', 'password');
+ session::global_set('config',$config);
+ new log("security","login","",array(),"Authentication failed for user \"$username\"");
+ } else {
+ /* Remove all locks of this user */
+ del_user_locks($ui->dn);
+
+ /* Save userinfo and plugin structure */
+ session::global_set('ui',$ui);
+ session::global_set('session_cnt',0);
/* Let GOsa trigger a new connection for each POST, save
- config to session. */
- $config->get_departments();
- $config->make_idepartments();
- session::global_set('config',$config);
-
- /* Restore filter settings from cookie, if available */
- if($config->get_cfg_value("storeFilterSettings") == "true"){
-
- if(isset($_COOKIE['GOsa_Filter_Settings']) || isset($HTTP_COOKIE_VARS['GOsa_Filter_Settings'])){
-
- if(isset($_COOKIE['GOsa_Filter_Settings'])){
- $cookie_all = unserialize(base64_decode($_COOKIE['GOsa_Filter_Settings']));
- }else{
- $cookie_all = unserialize(base64_decode($HTTP_COOKIE_VARS['GOsa_Filter_Settings']));
- }
- if(isset($cookie_all[$ui->dn])){
- $cookie = $cookie_all[$ui->dn];
- $cookie_vars= array("MultiDialogFilters","CurrentMainBase","plug");
- foreach($cookie_vars as $var){
- if(isset($cookie[$var])){
- session::global_set($var,$cookie[$var]);
- }
+ config to session. */
+ $config->get_departments();
+ $config->make_idepartments();
+ session::global_set('config',$config);
+
+ /* Restore filter settings from cookie, if available */
+ if($config->get_cfg_value("storeFilterSettings") == "true") {
+
+ if(isset($_COOKIE['GOsa_Filter_Settings']) || isset($HTTP_COOKIE_VARS['GOsa_Filter_Settings'])) {
+
+ if(isset($_COOKIE['GOsa_Filter_Settings'])) {
+ $cookie_all = unserialize(base64_decode($_COOKIE['GOsa_Filter_Settings']));
+ }else{
+ $cookie_all = unserialize(base64_decode($HTTP_COOKIE_VARS['GOsa_Filter_Settings']));
+ }
+ if(isset($cookie_all[$ui->dn])) {
+ $cookie = $cookie_all[$ui->dn];
+ $cookie_vars= array("MultiDialogFilters","CurrentMainBase","plug");
+ foreach($cookie_vars as $var) {
+ if(isset($cookie[$var])) {
+ session::global_set($var,$cookie[$var]);
+ }
+ }
+ if(isset($cookie['plug'])) {
+ $plug =$cookie['plug'];
+ }
+ }
+ }
}
- if(isset($cookie['plug'])){
- $plug =$cookie['plug'];
+
+ /* are we using accountexpiration */
+ if ($config->get_cfg_value("handleExpiredAccounts") == "true") {
+ $expired= ldap_expired_account($config, $ui->dn, $ui->username);
+
+ if ($expired == 1) {
+ $message= _("Account locked. Please contact your system administrator!");
+ $smarty->assign ('nextfield', 'password');
+ new log("security","login","",array(),"Account for user \"$username\" has expired") ;
+ } elseif ($expired == 3) {
+ $plist= new pluglist($config, $ui);
+ foreach ($plist->dirlist as $key => $value) {
+ if (preg_match("/\bpassword\b/i",$value)) {
+ $plug=$key;
+ new log("security","login","",array(),"User \"$username\" password forced to change") ;
+ header ("Location: main.php?plug=$plug&reset=1");
+ exit;
+ }
+ }
+ }
}
- }
- }
- }
-
- /* are we using accountexpiration */
- if ($config->get_cfg_value("handleExpiredAccounts") == "true"){
- $expired= ldap_expired_account($config, $ui->dn, $ui->username);
-
- if ($expired == 1){
- $message= _("Account locked. Please contact your system administrator!");
- $smarty->assign ('nextfield', 'password');
- new log("security","login","",array(),"Account for user \"$username\" has expired") ;
- } elseif ($expired == 3){
- $plist= new pluglist($config, $ui);
- foreach ($plist->dirlist as $key => $value){
- if (preg_match("/\bpassword\b/i",$value)){
- $plug=$key;
- new log("security","login","",array(),"User \"$username\" password forced to change") ;
- header ("Location: main.php?plug=$plug&reset=1");
- exit;
+
+ /* Not account expired or password forced change go to main page */
+ new log("security","login","",array(),"User \"$username\" logged in successfully") ;
+ $plist= new pluglist($config, $ui);
+ if(isset($plug) && isset($plist->dirlist[$plug])) {
+ header ("Location: main.php?plug=".$plug."&global_check=1");
+ }else{
+ header ("Location: main.php?global_check=1");
}
- }
+ exit;
}
- }
-
- /* Not account expired or password forced change go to main page */
- new log("security","login","",array(),"User \"$username\" logged in successfully") ;
- $plist= new pluglist($config, $ui);
- if(isset($plug) && isset($plist->dirlist[$plug])){
- header ("Location: main.php?plug=".$plug."&global_check=1");
- }else{
- header ("Location: main.php?global_check=1");
- }
- exit;
}
- }
}
/* Fill template with required values */
$smarty->assign ('directory_img', get_template_path('images/ldapserver.png'));
/* Some error to display? */
-if (!isset($message)){
- $message= "";
+if (!isset($message)) {
+ $message= "";
}
$smarty->assign ("message", $message);
@@ -426,34 +426,34 @@ $smarty->assign ("cookies", _("Your browser has cookies disabled. Please enable
/* Generate server list */
$servers= array();
-if (isset($_POST['server'])){
- $selected= validate($_POST['server']);
+if (isset($_POST['server'])) {
+ $selected= validate($_POST['server']);
} else {
- $selected= $config->data['MAIN']['DEFAULT'];
+ $selected= $config->data['MAIN']['DEFAULT'];
}
-foreach ($config->data['LOCATIONS'] as $key => $ignored){
- $servers[$key]= $key;
+foreach ($config->data['LOCATIONS'] as $key => $ignored) {
+ $servers[$key]= $key;
}
$smarty->assign ("server_options", $servers);
$smarty->assign ("server_id", $selected);
/* show login screen */
$smarty->assign ("PHPSESSID", session_id());
-if (session::is_set('errors')){
- $smarty->assign("errors", session::get('errors'));
+if (session::is_set('errors')) {
+ $smarty->assign("errors", session::get('errors'));
}
-if ($error_collector != ""){
- $smarty->assign("php_errors", preg_replace("/%BUGBODY%/",$error_collector_mailto,$error_collector)."</div>");
+if ($error_collector != "") {
+ $smarty->assign("php_errors", preg_replace("/%BUGBODY%/",$error_collector_mailto,$error_collector)."</div>");
} else {
- $smarty->assign("php_errors", "");
+ $smarty->assign("php_errors", "");
}
/* Set focus to the error button if we've an error message */
$focus= "";
-if (session::is_set('errors') && session::get('errors') != ""){
- $focus= '<script language="JavaScript" type="text/javascript">';
- $focus.= 'document.forms[0].error_accept.focus();';
- $focus.= '</script>';
+if (session::is_set('errors') && session::get('errors') != "") {
+ $focus= '<script language="JavaScript" type="text/javascript">';
+ $focus.= 'document.forms[0].error_accept.focus();';
+ $focus.= '</script>';
}
$smarty->assign("focus", $focus);
displayLogin();
index 459512228ef18b6574e2257483c79b57d07ca091..3eecd2e10ed886021a0547787ca85d42616e4832 100644 (file)
function displayPWchanger()
{
- global $smarty;
+ global $smarty;
- $smarty->display(get_template_path('password.tpl'));
- exit();
+ $smarty->display(get_template_path('password.tpl'));
+ exit();
}
/* Load required includes */
-require_once ("../include/php_setup.inc");
-require_once ("functions.inc");
+require_once "../include/php_setup.inc";
+require_once "functions.inc";
-if(!class_exists("log")){
- require_once("class_log.inc");
+if (!class_exists("log")) {
+ require_once("class_log.inc");
}
header("Content-type: text/html; charset=UTF-8");
session::start();
/* Destroy old session if exists.
- Else you will get your old session back, if you not logged out correctly. */
-if(is_array(session::get_all()) && count(session::get_all())){
- session::destroy();
- session::start();
+Else you will get your old session back, if you not logged out correctly. */
+if (is_array(session::get_all()) && count(session::get_all())) {
+ session::destroy();
+ session::start();
}
/* Reset errors */
-session::global_set('js',true);
-session::set('errors',"");
-session::set('errorsAlreadyPosted',array());
-session::set('LastError',"");
+session::global_set('js', true);
+session::set('errors', "");
+session::set('errorsAlreadyPosted', array());
+session::set('LastError', "");
/* Check if CONFIG_FILE is accessible */
-if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)){
- msg_dialog::display(_("Fatal error"), sprintf(_("GOsa configuration %s/%s is not readable. Aborted."),CONFIG_DIR,CONFIG_FILE), FATAL_ERROR_DIALOG);
- exit;
+if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)) {
+ msg_dialog::display(
+ _("Fatal error"),
+ sprintf(
+ _("GOsa configuration %s/%s is not readable. Aborted."),
+ CONFIG_DIR, CONFIG_FILE
+ ),
+ FATAL_ERROR_DIALOG
+ );
+ exit;
}
/* Parse configuration file */
$config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR);
session::global_set('DEBUGLEVEL', $config->get_cfg_value("debuglevel"));
-if ($_SERVER["REQUEST_METHOD"] != "POST"){
- @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
+if ($_SERVER["REQUEST_METHOD"] != "POST") {
+ @DEBUG(
+ DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config"
+ );
}
/* Set template compile directory */
-$smarty->compile_dir= $config->get_cfg_value("templateCompileDirectory", '/var/spool/gosa');
+$smarty->compile_dir= $config->get_cfg_value(
+ "templateCompileDirectory", '/var/spool/gosa'
+);
/* Check for compile directory */
-if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))){
- msg_dialog::display(_("Configuration error"), sprintf(_("Directory '%s' specified as compile directory is not accessible!"),
- $smarty->compile_dir), FATAL_ERROR_DIALOG);
- exit;
+if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))) {
+ msg_dialog::display(
+ _("Configuration error"),
+ sprintf(
+ _("Directory '%s' specified as compile directory is not accessible!"),
+ $smarty->compile_dir
+ ),
+ FATAL_ERROR_DIALOG
+ );
+ exit;
}
/* Check for old files in compile directory */
clean_smarty_compile_dir($smarty->compile_dir);
/* Language setup */
-if ($config->get_cfg_value("language") == ""){
- $lang= get_browser_language();
+if ($config->get_cfg_value("language") == "") {
+ $lang= get_browser_language();
} else {
- $lang= $config->get_cfg_value("language");
+ $lang= $config->get_cfg_value("language");
}
$lang.=".UTF-8";
putenv("LANGUAGE=");
/* Generate server list */
$servers= array();
-foreach ($config->data['LOCATIONS'] as $key => $ignored){
- $servers[$key]= $key;
+foreach ($config->data['LOCATIONS'] as $key => $ignored) {
+ $servers[$key]= $key;
}
-if (isset($_POST['server'])){
- $directory= validate($_POST['server']);
+if (isset($_POST['server'])) {
+ $directory= validate($_POST['server']);
} else {
- $directory= $config->data['MAIN']['DEFAULT'];
+ $directory= $config->data['MAIN']['DEFAULT'];
- if(!isset($servers[$directory])){
- $directory = key($servers);
- }
+ if (!isset($servers[$directory])) {
+ $directory = key($servers);
+ }
}
-if (isset($_GET['directory']) && isset($servers[$_GET['directory']])){
- $smarty->assign ("show_directory_chooser", false);
- $directory= validate($_GET['directory']);
+if (isset($_GET['directory']) && isset($servers[$_GET['directory']])) {
+ $smarty->assign("show_directory_chooser", false);
+ $directory= validate($_GET['directory']);
} else {
- $smarty->assign ("server_options", $servers);
- $smarty->assign ("server_id", $directory);
- $smarty->assign ("show_directory_chooser", true);
+ $smarty->assign("server_options", $servers);
+ $smarty->assign("server_id", $directory);
+ $smarty->assign("show_directory_chooser", true);
}
/* Set config to selected one */
$config->set_current($directory);
-session::global_set('config',$config);
+session::global_set('config', $config);
-if ($_SERVER["REQUEST_METHOD"] != "POST"){
- @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to");
+if ($_SERVER["REQUEST_METHOD"] != "POST") {
+ @DEBUG(
+ DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
+ $lang, "Setting language to"
+ );
}
if (!isset($_SERVER['HTTPS']) ||
!stristr($_SERVER['HTTPS'], "on")) {
- if (empty($_SERVER['REQUEST_URI'])) {
- $ssl= "https://".$_SERVER['HTTP_HOST'].
- $_SERVER['PATH_INFO'];
- } else {
- $ssl= "https://".$_SERVER['HTTP_HOST'].
- $_SERVER['REQUEST_URI'];
- }
+ if (empty($_SERVER['REQUEST_URI'])) {
+ $ssl= "https://".$_SERVER['HTTP_HOST'].
+ $_SERVER['PATH_INFO'];
+ } else {
+ $ssl= "https://".$_SERVER['HTTP_HOST'].
+ $_SERVER['REQUEST_URI'];
+ }
}
/* If SSL is forced, just forward to the SSL enabled site */
-if ($config->get_cfg_value("forcessl") == 'true' && $ssl != ''){
- header ("Location: $ssl");
- exit;
+if ($config->get_cfg_value("forcessl") == 'true' && $ssl != '') {
+ header("Location: $ssl");
+ exit;
}
/* Check for selected password method */
$method= $config->get_cfg_value("hash", "crypt/md5");
-if (isset($_GET['method'])){
- $method= validate($_GET['method']);
- $tmp = new passwordMethod($config);
- $available = $tmp->get_available_methods();
- if (!isset($available[$method])){
- msg_dialog::display(_("Password method"),_("Error: Password method not available!"),FATAL_ERROR_DIALOG);
- exit;
- }
+if (isset($_GET['method'])) {
+ $method= validate($_GET['method']);
+ $tmp = new passwordMethod($config);
+ $available = $tmp->get_available_methods();
+ if (!isset($available[$method])) {
+ msg_dialog::display(
+ _("Password method"),
+ _("Error: Password method not available!"),
+ FATAL_ERROR_DIALOG
+ );
+ exit;
+ }
}
/* Check for selected user... */
-if (isset($_GET['uid']) && $_GET['uid'] != ""){
- $uid= validate($_GET['uid']);
- $smarty->assign('display_username', false);
-} elseif (isset($_POST['uid'])){
- $uid= validate($_POST['uid']);
- $smarty->assign('display_username', true);
+if (isset($_GET['uid']) && $_GET['uid'] != "") {
+ $uid= validate($_GET['uid']);
+ $smarty->assign('display_username', false);
+} elseif (isset($_POST['uid'])) {
+ $uid= validate($_POST['uid']);
+ $smarty->assign('display_username', true);
} else {
- $uid= "";
- $smarty->assign('display_username', true);
+ $uid= "";
+ $smarty->assign('display_username', true);
}
$current_password= "";
$smarty->assign("changed", false);
/* Got a formular answer, validate and try to log in */
-if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])){
-
- /* Destroy old sessions, they cause a successfull login to relog again ...*/
- if(session::global_is_set('_LAST_PAGE_REQUEST')){
- session::global_set('_LAST_PAGE_REQUEST',time());
- }
-
- $message= array();
- $current_password= $_POST['current_password'];
-
- /* Do new and repeated password fields match? */
- $new_password= $_POST['new_password'];
- if ($_POST['new_password'] != $_POST['new_password_repeated']){
- $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
- } else {
- if ($_POST['new_password'] == ""){
- $message[]= msgPool::required(_("New password"));
- }
- }
-
- /* Password policy fulfilled? */
- if ($config->get_cfg_value("passwordMinDiffer") != ""){
- $l= $config->get_cfg_value("passwordMinDiffer");
- if (substr($_POST['current_password'], 0, $l) == substr($_POST['new_password'], 0, $l)){
- $message[]= _("The password used as new and current are too similar.");
- }
- }
- if ($config->get_cfg_value("passwordMinLength") != ""){
- if (strlen($_POST['new_password']) < $config->get_cfg_value("passwordMinLength")){
- $message[]= _("The password used as new is to short.");
- }
- }
-
- /* Validate */
- if (!tests::is_uid($uid)){
- $message[]= msgPool::invalid(_("Login"));
- } elseif (mb_strlen($_POST["current_password"], 'UTF-8') == 0){
- $message[]= msgPool::required(_("Current password"));
- } else {
-
- /* Do we have the selected user somewhere? */
- $ui= ldap_login_user ($uid, $current_password);
-
- if ($ui === NULL){
- $message[]= _("Please check the username/password combination.");
+if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])) {
+
+ /* Destroy old sessions, they cause a successfull login to relog again ...*/
+ if (session::global_is_set('_LAST_PAGE_REQUEST')) {
+ session::global_set('_LAST_PAGE_REQUEST', time());
+ }
+
+ $message= array();
+ $current_password= $_POST['current_password'];
+
+ /* Do new and repeated password fields match? */
+ $new_password= $_POST['new_password'];
+ if ($_POST['new_password'] != $_POST['new_password_repeated']) {
+ $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
} else {
- $acls = $ui->get_permissions($ui->dn,"users/password");
- if(!preg_match("/w/i",$acls)){
- $message[]= _("You have no permissions to change your password.");
- }
+ if ($_POST['new_password'] == "") {
+ $message[]= msgPool::required(_("New password"));
+ }
+ }
+
+ /* Password policy fulfilled? */
+ if ($config->get_cfg_value("passwordMinDiffer") != "") {
+ $l= $config->get_cfg_value("passwordMinDiffer");
+ if (substr($_POST['current_password'], 0, $l) ==
+ substr($_POST['new_password'], 0, $l)) {
+ $message[]= _("The password used as new and current are too similar.");
+ }
+ }
+ if ($config->get_cfg_value("passwordMinLength") != "") {
+ if (strlen($_POST['new_password']) <
+ $config->get_cfg_value("passwordMinLength")) {
+ $message[]= _("The password used as new is to short.");
+ }
+ }
+
+ /* Validate */
+ if (!tests::is_uid($uid)) {
+ $message[]= msgPool::invalid(_("Login"));
+ } elseif (mb_strlen($_POST["current_password"], 'UTF-8') == 0) {
+ $message[]= msgPool::required(_("Current password"));
+ } else {
+
+ /* Do we have the selected user somewhere? */
+ $ui= ldap_login_user($uid, $current_password);
+
+ if ($ui === NULL) {
+ $message[]= _("Please check the username/password combination.");
+ } else {
+ $acls = $ui->get_permissions($ui->dn, "users/password");
+ if (!preg_match("/w/i", $acls)) {
+ $message[]= _("You have no permissions to change your password.");
+ }
+ }
+ }
+
+ /* Do we need to show error messages? */
+ if (count($message) != 0) {
+ /* Show error message and continue editing */
+ msg_dialog::displayChecks($message);
+ } else {
+
+ /* Passed quality check, just try to change the password now */
+ $output= "";
+ if ($config->get_cfg_value("passwordHook") != "") {
+ exec(
+ $config->get_cfg_value("passwordHook")." ".$ui->username." ".
+ $_POST['current_password']." ".$_POST['new_password'],
+ $resarr
+ );
+ if (count($resarr) > 0) {
+ $output= join('\n', $resarr);
+ }
+ }
+ if ($output != "") {
+ $message[]= sprintf(
+ _("External password changer reported a problem: %s"),
+ $output
+ );
+ msg_dialog::displayChecks($message);
+ } else {
+ if ($method != "") {
+ change_password($ui->dn, $_POST['new_password'], 0, $method);
+ } else {
+ change_password($ui->dn, $_POST['new_password']);
+ }
+ gosa_log("User/password has been changed");
+ $smarty->assign("changed", true);
+ }
}
- }
-
- /* Do we need to show error messages? */
- if (count ($message) != 0){
- /* Show error message and continue editing */
- msg_dialog::displayChecks($message);
- } else {
-
- /* Passed quality check, just try to change the password now */
- $output= "";
- if ($config->get_cfg_value("passwordHook") != ""){
- exec($config->get_cfg_value("passwordHook")." ".$ui->username." ".
- $_POST['current_password']." ".$_POST['new_password'], $resarr);
- if(count($resarr) > 0) {
- $output= join('\n', $resarr);
- }
- }
- if ($output != ""){
- $message[]= _("External password changer reported a problem: ".$output);
- msg_dialog::displayChecks($message);
- } else {
- if ($method != ""){
- change_password ($ui->dn, $_POST['new_password'], 0, $method);
- } else {
- change_password ($ui->dn, $_POST['new_password']);
- }
- gosa_log ("User/password has been changed");
- $smarty->assign("changed", true);
- }
- }
}
/* Parameter fill up */
$params= "";
-foreach (array('uid', 'method', 'directory') as $index){
- $params.= "&$index=".urlencode($$index);
+foreach (array('uid', 'method', 'directory') as $index) {
+ $params.= "&$index=".urlencode($$index);
}
$params= preg_replace('/^&/', '?', $params);
$smarty->assign('params', $params);
/* Fill template with required values */
-$smarty->assign ('date', gmdate("D, d M Y H:i:s"));
-$smarty->assign ('uid', $uid);
-$smarty->assign ('password_img', get_template_path('images/password.png'));
+$smarty->assign('date', gmdate("D, d M Y H:i:s"));
+$smarty->assign('uid', $uid);
+$smarty->assign('password_img', get_template_path('images/password.png'));
/* Displasy SSL mode warning? */
-if ($ssl != "" && $config->get_cfg_value("warnssl") == 'true'){
- $smarty->assign ("ssl", "<b>"._("Warning").":</b> "._("Session will not be encrypted.")." <a style=\"color:red;\" href=\"".htmlentities($ssl)."\"><b>"._("Enter SSL session")."</b></a>!");
+if ($ssl != "" && $config->get_cfg_value("warnssl") == 'true') {
+ $smarty->assign(
+ "ssl",
+ "<b>"._("Warning").":</b> "._("Session will not be encrypted.").
+ " <a style=\"color:red;\" href=\"".htmlentities($ssl)."\"><b>".
+ _("Enter SSL session")."</b></a>!"
+ );
} else {
- $smarty->assign ("ssl", "");
+ $smarty->assign("ssl", "");
}
/* show login screen */
-$smarty->assign("JS",session::global_get('js'));
-$smarty->assign ("PHPSESSID", session_id());
-if (session::is_set('errors')){
- $smarty->assign("errors", session::get('errors'));;
+$smarty->assign("JS", session::global_get('js'));
+$smarty->assign("PHPSESSID", session_id());
+if (session::is_set('errors')) {
+ $smarty->assign("errors", session::get('errors'));;
}
-if ($error_collector != ""){
- $smarty->assign("php_errors", $error_collector."</div>");
+if ($error_collector != "") {
+ $smarty->assign("php_errors", $error_collector."</div>");
} else {
- $smarty->assign("php_errors", "");
+ $smarty->assign("php_errors", "");
}
$smarty->assign("msg_dialogs", msg_dialog::get_dialogs());