From 20adaf3ce8216ff1c2d54346008a947f81f67536 Mon Sep 17 00:00:00 2001 From: hickert Date: Tue, 10 Jul 2007 12:14:40 +0000 Subject: [PATCH] Updated pwd class git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@6806 594d385d-05f5-0310-b6e9-bd551577e9d8 --- plugins/personal/password/class_password.inc | 116 ++++++++++++++++++- plugins/personal/password/main.inc | 105 +++-------------- 2 files changed, 131 insertions(+), 90 deletions(-) diff --git a/plugins/personal/password/class_password.inc b/plugins/personal/password/class_password.inc index f53289ada..322fb619d 100644 --- a/plugins/personal/password/class_password.inc +++ b/plugins/personal/password/class_password.inc @@ -1,10 +1,120 @@ config->data['MAIN']['ACCOUNT_EXPIRATION'])) && + preg_match('/true/i', $this->config->data['MAIN']['ACCOUNT_EXPIRATION'])){ + $expired= ldap_expired_account($this->config, $ui->dn, $ui->username); + if($expired == 4){ + return($smarty->fetch(get_template_path("nochange.tpl", TRUE))); + } + } + + /* Pwd change requested */ + if (isset($_POST['password_finish'])){ + + /* Should we check different characters in new password */ + $check_differ = isset($this->config->data['MAIN']['PWDIFFER']); + $differ = @$this->config->data['MAIN']['PWDIFFER']; + + /* Enable length check ? */ + $check_length = isset($this->config->data['MAIN']['PWMINLEN']); + $length = @$this->config->data['MAIN']['PWMINLEN']; + + /* Call external password quality hook ?*/ + $check_hook = isset($this->config->data['MAIN']['EXTERNALPWDHOOK']); + $hook = @$this->config->data['MAIN']['EXTERNALPWDHOOK']." ".$ui->username." ".$_POST['current_password']." ".$_POST['new_password']; + if($check_hook){ + exec($hook,$resarr); + $check_hook_output = ""; + if(count($resarr) > 0) { + $check_hook_output= join('\n', $resarr); + } + } + + /* Check given values */ + if(empty($_POST['current_password'])){ + print_red(_("You need to specify your current password in order to proceed.")); + }elseif ($_POST['new_password'] != $_POST['repeated_password']){ + print_red(_("The passwords you've entered as 'New password' and 'Repeated new password' do not match.")); + } elseif ($_POST['new_password'] == ""){ + print_red(_("The password you've entered as 'New password' is empty.")); + }elseif($check_differ && (substr($_POST['current_password'], 0, $differ) == substr($_POST['new_password'], 0, $differ))){ + print_red(_("The password used as new and current are too similar.")); + }elseif($check_length && (strlen($_POST['new_password']) < $length)){ + print_red(_("The password used as new is to short.")); + }elseif($check_hook && $check_hook_output != ""){ + print_red(_("External password changer reported a problem: ".$output)); + }else{ + + /* Try to connect via current password */ + $tldap = new LDAP( + $ui->dn, + $_POST['current_password'], + $this->config->current['SERVER'], + isset($this->config->current['RECURSIVE']) && preg_match("/true/i",$this->config->current['RECURSIVE']), + isset($this->config->current['TLS']) && preg_match("/true/i",$this->config->current['TLS'])); + + /* connection Successfull ? */ + if ($tldap->error != "Success"){ + print_red(_("The password you've entered as your current password doesn't match the real one.")); + }else{ + + /* Check GOsa permissions */ + $ca= get_permissions ($ui->dn, $ui->subtreeACL); + $ca= get_module_permission($ca, "user", $ui->dn); + if (chkacl($ca, "password") != ""){ + print_red(_("You have no permissions to change your password.")); + }else{ + change_password ($ui->dn, $_POST['new_password']); + gosa_log ("User/password has been changed"); + $ui->password= $_POST['new_password']; + $_SESSION['ui']= $ui; + return($smarty->fetch(get_template_path("changed.tpl", TRUE))); + } + } + } + } + + return($smarty->fetch(get_template_path("password.tpl", TRUE))); + } } + // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?> diff --git a/plugins/personal/password/main.inc b/plugins/personal/password/main.inc index dd83a1937..b8135bc6a 100644 --- a/plugins/personal/password/main.inc +++ b/plugins/personal/password/main.inc @@ -18,103 +18,34 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ +/* Clear display */ $display= ""; if (!$remove_lock){ - /* Check for interaction */ - if ($_SERVER["REQUEST_METHOD"] == "POST"){ - if (isset($_POST['password_finish'])){ - $message= array(); + /* Reset requested? */ + if (isset($_POST['edit_cancel']) || + (isset($_GET['reset']) && $_GET['reset'] == 1)){ - /* Is current password correct? */ - if ($_POST['current_password'] != ""){ - $tldap = new LDAP($ui->dn, $_POST['current_password'], - $config->current['SERVER'], - isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true", - isset($config->current['TLS']) && $config->current['TLS'] == "true"); - if ($tldap->error != "Success"){ - $message[]= _("The password you've entered as your current password doesn't match the real one."); - } - } else { - $message[]= _("You need to specify your current password in order to proceed."); - } - - /* Do new and repeated password fields match? */ - if ($_POST['new_password'] != $_POST['repeated_password']){ - $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); - } else { - if ($_POST['new_password'] == ""){ - $message[]= _("The password you've entered as 'New password' is empty."); - } - } + del_lock ($ui->dn); + sess_del ('edit'); + sess_del ('password'); + } - /* Password policy fulfilled? */ - if (isset($config->data['MAIN']['PWDIFFER'])){ - $l= $config->data['MAIN']['PWDIFFER']; - if (substr($_POST['current_password'], 0, $l) == substr($_POST['new_password'], 0, $l)){ - $message[]= _("The password used as new and current are too similar."); - } - } - if (isset($config->data['MAIN']['PWMINLEN'])){ - if (strlen($_POST['new_password']) < $config->data['MAIN']['PWMINLEN']){ - $message[]= _("The password used as new is to short."); - } - } + /* Create password object on demand */ + if (!isset($_SESSION['password']) || (isset($_GET['reset']) && $_GET['reset'] == 1)){ + $_SESSION['password']= new password ($config, $ui->dn); + } + $password= $_SESSION['password']; - $ca= get_permissions ($ui->dn, $ui->subtreeACL); - $ca= get_module_permission($ca, "user", $ui->dn); - if (chkacl($ca, "password") != ""){ - $message[]= _("You have no permissions to change your password."); - } + /* Execute formular */ + $display.= $password->execute (); - if (count ($message) != 0){ - /* Show error message and continue editing */ - show_errors($message); - } else { + /* Page header*/ + $display= print_header(get_template_path('images/password.png'), + _("Password settings"), "").$display; - /* Passed quality check, just try to change the password now */ - $output= ""; - if (isset($config->data['MAIN']['EXTERNALPWDHOOK'])){ - exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".$ui->username." ". - $_POST['current_password']." ".$_POST['new_password'], $resarr); - if(count($resarr) > 0) { - $output= join('\n', $resarr); - } - } - if ($output != ""){ - $message[]= _("External password changer reported a problem: ".$output); - show_errors($message); - } else { - change_password ($ui->dn, $_POST['new_password']); - gosa_log ("User/password has been changed"); - $ui->password= $_POST['new_password']; - $_SESSION['ui']= $ui; - $display= $smarty->fetch(get_template_path("changed.tpl", TRUE)); - } - } - } - } - - if ($display == ""){ - if((isset($config->data['MAIN']['ACCOUNT_EXPIRATION'])) && - !preg_match('/true/i', $config->data['MAIN']['ACCOUNT_EXPIRATION'])){ - $display= $smarty->fetch(get_template_path("password.tpl", TRUE)); - }else{ - $expired= ldap_expired_account($config, $ui->dn, $ui->username); - - if($expired == 4){ - $display= $smarty->fetch(get_template_path("nochange.tpl", TRUE)); - }else{ - $display= $smarty->fetch(get_template_path("password.tpl", TRUE)); - } - } - } } -/* Assign headline image */ -$display= print_header(get_template_path('images/password.png'), - _("Change password"), "").$display; - // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?> -- 2.30.2