From 2eccbdc67936ff406895dd86a777f8c97840b3dc Mon Sep 17 00:00:00 2001 From: cajus Date: Thu, 25 Mar 2010 09:52:28 +0000 Subject: [PATCH] Updated index and php for testing git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@17197 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/html/index.php | 580 ++++++++++++++++++------------------ gosa-core/html/password.php | 367 +++++++++++++---------- 2 files changed, 492 insertions(+), 455 deletions(-) diff --git a/gosa-core/html/index.php b/gosa-core/html/index.php index 96f29ae92..31eb1ad16 100644 --- a/gosa-core/html/index.php +++ b/gosa-core/html/index.php @@ -1,5 +1,5 @@ get_cfg_value('theme', 'default'); - if (file_exists("$BASE_DIR/ihtml/themes/$theme/blacklist")) { - $blocks= file("$BASE_DIR/ihtml/themes/$theme/blacklist"); - foreach ($blocks as $block) { - if (preg_match('/'.preg_quote($block).'/', $_SERVER['HTTP_USER_AGENT'])) { - die(sprintf(_("Your browser (%s) is blacklisted for the current theme."), $block)); - } + global $smarty,$message,$config,$ssl,$error_collector, $BASE_DIR; + error_reporting(E_ALL | E_STRICT); + + /* Check theme compatibility */ + $theme= $config->get_cfg_value('theme', 'default'); + if (file_exists("$BASE_DIR/ihtml/themes/$theme/blacklist")) { + $blocks= file("$BASE_DIR/ihtml/themes/$theme/blacklist"); + foreach ($blocks as $block) { + if (preg_match('/'.preg_quote($block).'/', $_SERVER['HTTP_USER_AGENT'])) { + die(sprintf(_("Your browser (%s) is blacklisted for the current theme."), $block)); + } + } } - } - - /* Fill template with required values */ - $username = ""; - if(isset($_POST["username"])){ - $username= $_POST["username"]; - } - $smarty->assign ("logo", image(get_template_path("images/logo.png"))); - $smarty->assign ('date', gmdate("D, d M Y H:i:s")); - $smarty->assign ('username', $username); - $smarty->assign ('personal_img', get_template_path('images/login-head.png')); - $smarty->assign ('password_img', get_template_path('images/password.png')); - $smarty->assign ('directory_img', get_template_path('images/ldapserver.png')); - - /* Some error to display? */ - if (!isset($message)){ - $message= ""; - } - $smarty->assign ("message", $message); - - /* Displasy SSL mode warning? */ - if ($ssl != "" && $config->get_cfg_value('warnssl') == 'true'){ - $smarty->assign ("ssl", sprintf(_("This session is not ecrypted. Click %s to enter an encrypted session."), ""._("here")."")); - } else { - $smarty->assign ("ssl", ""); - } - - if(!$config->check_session_lifetime()){ - $smarty->assign ("lifetime", _("The session lifetime configured in your gosa.conf will be overridden by php.ini settings.")); - }else{ - $smarty->assign ("lifetime", ""); - } - - /* Generate server list */ - $servers= array(); - if (isset($_POST['server'])){ - $selected= validate($_POST['server']); - } else { - $selected= $config->data['MAIN']['DEFAULT']; - } - foreach ($config->data['LOCATIONS'] as $key => $ignored){ - $servers[$key]= $key; - } - $smarty->assign ("server_options", $servers); - $smarty->assign ("server_id", $selected); - /* show login screen */ - $smarty->assign ("PHPSESSID", session_id()); - if (session::is_set('errors')){ - $smarty->assign("errors", session::get('errors')); - } - if ($error_collector != ""){ - $smarty->assign("php_errors", $error_collector.""); - } else { - $smarty->assign("php_errors", ""); - } - $smarty->assign("msg_dialogs", msg_dialog::get_dialogs()); - $smarty->assign("iePngWorkaround", $config->get_cfg_value("iePngWorkaround","false" ) == "true"); - $smarty->assign("usePrototype", "false"); - $smarty->display (get_template_path('headers.tpl')); - $smarty->assign("version",get_gosa_version()); - $smarty->display(get_template_path('login.tpl')); - exit(); + /* Fill template with required values */ + $username = ""; + if(isset($_POST["username"])) { + $username= $_POST["username"]; + } + $smarty->assign("logo", image(get_template_path("images/logo.png"))); + $smarty->assign('date', gmdate("D, d M Y H:i:s")); + $smarty->assign('username', $username); + $smarty->assign('personal_img', get_template_path('images/login-head.png')); + $smarty->assign('password_img', get_template_path('images/password.png')); + $smarty->assign('directory_img', get_template_path('images/ldapserver.png')); + + /* Some error to display? */ + if (!isset($message)) { + $message= ""; + } + $smarty->assign("message", $message); + + /* Displasy SSL mode warning? */ + if ($ssl != "" && $config->get_cfg_value('warnssl') == 'true') { + $smarty->assign("ssl", sprintf(_("This session is not ecrypted. Click %s to enter an encrypted session."), ""._("here")."")); + } else { + $smarty->assign("ssl", ""); + } + + if(!$config->check_session_lifetime()) { + $smarty->assign ("lifetime", _("The session lifetime configured in your gosa.conf will be overridden by php.ini settings.")); + } else { + $smarty->assign ("lifetime", ""); + } + + /* Generate server list */ + $servers= array(); + if (isset($_POST['server'])) { + $selected= validate($_POST['server']); + } else { + $selected= $config->data['MAIN']['DEFAULT']; + } + foreach ($config->data['LOCATIONS'] as $key => $ignored) { + $servers[$key]= $key; + } + $smarty->assign ("server_options", $servers); + $smarty->assign ("server_id", $selected); + + /* show login screen */ + $smarty->assign ("PHPSESSID", session_id()); + if (session::is_set('errors')) { + $smarty->assign("errors", session::get('errors')); + } + if ($error_collector != "") { + $smarty->assign("php_errors", $error_collector.""); + } else { + $smarty->assign("php_errors", ""); + } + $smarty->assign("msg_dialogs", msg_dialog::get_dialogs()); + $smarty->assign("iePngWorkaround", $config->get_cfg_value("iePngWorkaround","false" ) == "true"); + $smarty->assign("usePrototype", "false"); + $smarty->display (get_template_path('headers.tpl')); + $smarty->assign("version",get_gosa_version()); + $smarty->display(get_template_path('login.tpl')); + exit(); } @@ -117,15 +117,15 @@ function displayLogin() *****************************************************************************/ /* Set error handler to own one, initialize time calculation - and start session. */ +and start session. */ session::start(); session::set('errorsAlreadyPosted',array()); /* Destroy old session if exists. - Else you will get your old session back, if you not logged out correctly. */ -if(is_array(session::get_all()) && count(session::get_all())){ - session::destroy(); - session::start(); +Else you will get your old session back, if you not logged out correctly. */ +if(is_array(session::get_all()) && count(session::get_all())) { + session::destroy(); + session::start(); } $username= ""; @@ -136,9 +136,9 @@ session::set('errorsAlreadyPosted',""); session::set('LastError',""); /* Check if we need to run setup */ -if (!file_exists(CONFIG_DIR."/".CONFIG_FILE)){ - header("location:setup.php"); - exit(); +if (!file_exists(CONFIG_DIR."/".CONFIG_FILE)) { + header("location:setup.php"); + exit(); } /* Reset errors */ @@ -146,37 +146,37 @@ session::set('errors',""); /* Check for java script */ if(isset($_POST['javascript']) && $_POST['javascript'] == "true") { - session::global_set('js',TRUE); + session::global_set('js',TRUE); }elseif(isset($_POST['javascript'])) { - session::global_set('js',FALSE); + session::global_set('js',FALSE); } /* Check if gosa.conf (.CONFIG_FILE) is accessible */ -if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)){ - msg_dialog::display(_("Configuration error"),sprintf(_("GOsa configuration %s/%s is not readable. Aborted."), CONFIG_DIR,CONFIG_FILE),FATAL_ERROR_DIALOG); - exit(); +if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)) { + msg_dialog::display(_("Configuration error"),sprintf(_("GOsa configuration %s/%s is not readable. Aborted."), CONFIG_DIR,CONFIG_FILE),FATAL_ERROR_DIALOG); + exit(); } /* Parse configuration file */ $config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR); session::global_set('DEBUGLEVEL',$config->get_cfg_value('DEBUGLEVEL')); -if ($_SERVER["REQUEST_METHOD"] != "POST"){ - @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config"); +if ($_SERVER["REQUEST_METHOD"] != "POST") { + @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config"); } /* Enable compressed output */ -if ($config->get_cfg_value("sendCompressedOutput") != ""){ - ob_start("ob_gzhandler"); +if ($config->get_cfg_value("sendCompressedOutput") != "") { + ob_start("ob_gzhandler"); } /* Set template compile directory */ $smarty->compile_dir= $config->get_cfg_value("templateCompileDirectory", '/var/spool/gosa'); /* Check for compile directory */ -if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))){ - msg_dialog::display(_("Smarty error"),sprintf(_("Directory '%s' specified as compile directory is not accessible!"), +if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))) { + msg_dialog::display(_("Smarty error"),sprintf(_("Directory '%s' specified as compile directory is not accessible!"), $smarty->compile_dir),FATAL_ERROR_DIALOG); - exit(); + exit(); } /* Check for old files in compile directory */ @@ -196,8 +196,8 @@ bindtextdomain($domain, LOCALE_DIR); textdomain($domain); $smarty->assign ('nextfield', 'username'); -if ($_SERVER["REQUEST_METHOD"] != "POST"){ - @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to"); +if ($_SERVER["REQUEST_METHOD"] != "POST") { + @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to"); } @@ -206,205 +206,205 @@ $ssl= ""; if (!isset($_SERVER['HTTPS']) || !stristr($_SERVER['HTTPS'], "on")) { - if (empty($_SERVER['REQUEST_URI'])) { - $ssl= "https://".$_SERVER['HTTP_HOST']. - $_SERVER['PATH_INFO']; - } else { - $ssl= "https://".$_SERVER['HTTP_HOST']. - $_SERVER['REQUEST_URI']; - } -} + if (empty($_SERVER['REQUEST_URI'])) { + $ssl= "https://".$_SERVER['HTTP_HOST']. + $_SERVER['PATH_INFO']; + } else { + $ssl= "https://".$_SERVER['HTTP_HOST']. + $_SERVER['REQUEST_URI']; + } + } /* If SSL is forced, just forward to the SSL enabled site */ -if ($config->get_cfg_value("forcessl") == 'true' && $ssl != ''){ - header ("Location: $ssl"); - exit; +if ($config->get_cfg_value("forcessl") == 'true' && $ssl != '') { + header ("Location: $ssl"); + exit; } /* Do we have htaccess authentification enabled? */ $htaccess_authenticated= FALSE; -if ($config->get_cfg_value("htaccessAuthentication") == "true" ){ - if (!isset($_SERVER['REMOTE_USER'])){ - msg_dialog::display(_("Configuration error"), _("There is a problem with the authentication setup!"), FATAL_ERROR_DIALOG); - exit; - } +if ($config->get_cfg_value("htaccessAuthentication") == "true" ) { + if (!isset($_SERVER['REMOTE_USER'])) { + msg_dialog::display(_("Configuration error"), _("There is a problem with the authentication setup!"), FATAL_ERROR_DIALOG); + exit; + } - $tmp= process_htaccess($_SERVER['REMOTE_USER'], isset($_SERVER['KRB5CCNAME'])); - $username= $tmp['username']; - $server= $tmp['server']; - if ($username == ""){ - msg_dialog::display(_("Error"), _("Cannot find a valid user for the current authentication setup!"), FATAL_ERROR_DIALOG); - exit; - } - if ($server == ""){ - msg_dialog::display(_("Error"), _("User information is not unique accross the configured LDAP trees!"), FATAL_ERROR_DIALOG); - exit; - } + $tmp= process_htaccess($_SERVER['REMOTE_USER'], isset($_SERVER['KRB5CCNAME'])); + $username= $tmp['username']; + $server= $tmp['server']; + if ($username == "") { + msg_dialog::display(_("Error"), _("Cannot find a valid user for the current authentication setup!"), FATAL_ERROR_DIALOG); + exit; + } + if ($server == "") { + msg_dialog::display(_("Error"), _("User information is not unique accross the configured LDAP trees!"), FATAL_ERROR_DIALOG); + exit; + } - $htaccess_authenticated= TRUE; + $htaccess_authenticated= TRUE; } /* Got a formular answer, validate and try to log in */ -if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htaccess_authenticated){ - - /* Reset error messages */ - $message= ""; - - /* Destroy old sessions, they cause a successfull login to relog again ...*/ - if(session::global_is_set('_LAST_PAGE_REQUEST')){ - session::global_set('_LAST_PAGE_REQUEST',time()); - } - - if (!$htaccess_authenticated){ - $server= validate($_POST["server"]); - } - $config->set_current($server); - - /* Admin-logon and verify */ - $ldap = $config->get_ldap_link(); - if (is_null($ldap) || (is_int($ldap) && $ldap == 0)){ - msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class())); - displayLogin(); - exit(); - } - - /* Check for schema file presence */ - if ($config->get_cfg_value("schemaCheck") == "true"){ - $recursive = ($config->get_cfg_value("ldapFollowReferrals") == "true"); - $tls = ($config->get_cfg_value("ldapTLS") == "true"); - - if(!count($ldap->get_objectclasses())){ - msg_dialog::display(_("LDAP error"), _("Cannot detect information about the installed LDAP schema!"), ERROR_DIALOG); - displayLogin(); - exit() ; - }else{ - $cfg = array(); - $cfg['admin'] = $config->current['ADMINDN']; - $cfg['password'] = $config->current['ADMINPASSWORD']; - $cfg['connection']= $config->current['SERVER']; - $cfg['tls'] = $tls; - $str = check_schema($cfg, $config->get_cfg_value("rfc2307bis") == "true"); - $checkarr = array(); - foreach($str as $tr){ - if(isset($tr['IS_MUST_HAVE']) && !$tr['STATUS']){ - msg_dialog::display(_("LDAP error"), _("Your LDAP setup contains old schema definitions:")."

".$tr['MSG']."", ERROR_DIALOG); - displayLogin(); - exit(); - } - } +if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htaccess_authenticated) { + + /* Reset error messages */ + $message= ""; + + /* Destroy old sessions, they cause a successfull login to relog again ...*/ + if(session::global_is_set('_LAST_PAGE_REQUEST')) { + session::global_set('_LAST_PAGE_REQUEST',time()); + } + + if (!$htaccess_authenticated) { + $server= validate($_POST["server"]); } - } - - /* Check for locking area */ - $ldap->cat($config->get_cfg_value("config"), array("dn")); - $attrs= $ldap->fetch(); - if (!count ($attrs)){ - $ldap->cd($config->current['BASE']); - $ldap->create_missing_trees($config->get_cfg_value("config")); - } - - /* Check for valid input */ - $ok= true; - if (!$htaccess_authenticated){ - $username= $_POST["username"]; - if (!preg_match("/^[@A-Za-z0-9_.-]+$/", $username)){ - $message= _("Please specify a valid username!"); - $ok= false; - } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0){ - $message= _("Please specify your password!"); - $smarty->assign ('nextfield', 'password'); - $ok= false; + $config->set_current($server); + + /* Admin-logon and verify */ + $ldap = $config->get_ldap_link(); + if (is_null($ldap) || (is_int($ldap) && $ldap == 0)) { + msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class())); + displayLogin(); + exit(); } - } - if ($ok) { + /* Check for schema file presence */ + if ($config->get_cfg_value("schemaCheck") == "true") { + $recursive = ($config->get_cfg_value("ldapFollowReferrals") == "true"); + $tls = ($config->get_cfg_value("ldapTLS") == "true"); + + if(!count($ldap->get_objectclasses())) { + msg_dialog::display(_("LDAP error"), _("Cannot detect information about the installed LDAP schema!"), ERROR_DIALOG); + displayLogin(); + exit() ; + }else{ + $cfg = array(); + $cfg['admin'] = $config->current['ADMINDN']; + $cfg['password'] = $config->current['ADMINPASSWORD']; + $cfg['connection']= $config->current['SERVER']; + $cfg['tls'] = $tls; + $str = check_schema($cfg, $config->get_cfg_value("rfc2307bis") == "true"); + $checkarr = array(); + foreach($str as $tr) { + if(isset($tr['IS_MUST_HAVE']) && !$tr['STATUS']) { + msg_dialog::display(_("LDAP error"), _("Your LDAP setup contains old schema definitions:")."

".$tr['MSG']."", ERROR_DIALOG); + displayLogin(); + exit(); + } + } + } + } - /* Login as user, initialize user ACL's */ - if ($htaccess_authenticated){ - $ui= ldap_login_user_htaccess($username); - if ($ui === NULL || !$ui){ - msg_dialog::display(_("Authentication error"), _("Cannot retrieve user information for htaccess authentication!"), FATAL_ERROR_DIALOG); - exit; - } - } else { - $ui= ldap_login_user($username, $_POST["password"]); + /* Check for locking area */ + $ldap->cat($config->get_cfg_value("config"), array("dn")); + $attrs= $ldap->fetch(); + if (!count ($attrs)) { + $ldap->cd($config->current['BASE']); + $ldap->create_missing_trees($config->get_cfg_value("config")); + } + + /* Check for valid input */ + $ok= true; + if (!$htaccess_authenticated) { + $username= $_POST["username"]; + if (!preg_match("/^[@A-Za-z0-9_.-]+$/", $username)) { + $message= _("Please specify a valid username!"); + $ok= false; + } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0) { + $message= _("Please specify your password!"); + $smarty->assign ('nextfield', 'password'); + $ok= false; + } } - if ($ui === NULL || !$ui){ - $message= _("Please check the username/password combination."); - $smarty->assign ('nextfield', 'password'); - session::global_set('config',$config); - new log("security","login","",array(),"Authentication failed for user \"$username\""); - } else { - /* Remove all locks of this user */ - del_user_locks($ui->dn); - /* Save userinfo and plugin structure */ - session::global_set('ui',$ui); - session::global_set('session_cnt',0); + if ($ok) { + + /* Login as user, initialize user ACL's */ + if ($htaccess_authenticated) { + $ui= ldap_login_user_htaccess($username); + if ($ui === NULL || !$ui) { + msg_dialog::display(_("Authentication error"), _("Cannot retrieve user information for htaccess authentication!"), FATAL_ERROR_DIALOG); + exit; + } + } else { + $ui= ldap_login_user($username, $_POST["password"]); + } + if ($ui === NULL || !$ui) { + $message= _("Please check the username/password combination."); + $smarty->assign ('nextfield', 'password'); + session::global_set('config',$config); + new log("security","login","",array(),"Authentication failed for user \"$username\""); + } else { + /* Remove all locks of this user */ + del_user_locks($ui->dn); + + /* Save userinfo and plugin structure */ + session::global_set('ui',$ui); + session::global_set('session_cnt',0); /* Let GOsa trigger a new connection for each POST, save - config to session. */ - $config->get_departments(); - $config->make_idepartments(); - session::global_set('config',$config); - - /* Restore filter settings from cookie, if available */ - if($config->get_cfg_value("storeFilterSettings") == "true"){ - - if(isset($_COOKIE['GOsa_Filter_Settings']) || isset($HTTP_COOKIE_VARS['GOsa_Filter_Settings'])){ - - if(isset($_COOKIE['GOsa_Filter_Settings'])){ - $cookie_all = unserialize(base64_decode($_COOKIE['GOsa_Filter_Settings'])); - }else{ - $cookie_all = unserialize(base64_decode($HTTP_COOKIE_VARS['GOsa_Filter_Settings'])); - } - if(isset($cookie_all[$ui->dn])){ - $cookie = $cookie_all[$ui->dn]; - $cookie_vars= array("MultiDialogFilters","CurrentMainBase","plug"); - foreach($cookie_vars as $var){ - if(isset($cookie[$var])){ - session::global_set($var,$cookie[$var]); - } + config to session. */ + $config->get_departments(); + $config->make_idepartments(); + session::global_set('config',$config); + + /* Restore filter settings from cookie, if available */ + if($config->get_cfg_value("storeFilterSettings") == "true") { + + if(isset($_COOKIE['GOsa_Filter_Settings']) || isset($HTTP_COOKIE_VARS['GOsa_Filter_Settings'])) { + + if(isset($_COOKIE['GOsa_Filter_Settings'])) { + $cookie_all = unserialize(base64_decode($_COOKIE['GOsa_Filter_Settings'])); + }else{ + $cookie_all = unserialize(base64_decode($HTTP_COOKIE_VARS['GOsa_Filter_Settings'])); + } + if(isset($cookie_all[$ui->dn])) { + $cookie = $cookie_all[$ui->dn]; + $cookie_vars= array("MultiDialogFilters","CurrentMainBase","plug"); + foreach($cookie_vars as $var) { + if(isset($cookie[$var])) { + session::global_set($var,$cookie[$var]); + } + } + if(isset($cookie['plug'])) { + $plug =$cookie['plug']; + } + } + } } - if(isset($cookie['plug'])){ - $plug =$cookie['plug']; + + /* are we using accountexpiration */ + if ($config->get_cfg_value("handleExpiredAccounts") == "true") { + $expired= ldap_expired_account($config, $ui->dn, $ui->username); + + if ($expired == 1) { + $message= _("Account locked. Please contact your system administrator!"); + $smarty->assign ('nextfield', 'password'); + new log("security","login","",array(),"Account for user \"$username\" has expired") ; + } elseif ($expired == 3) { + $plist= new pluglist($config, $ui); + foreach ($plist->dirlist as $key => $value) { + if (preg_match("/\bpassword\b/i",$value)) { + $plug=$key; + new log("security","login","",array(),"User \"$username\" password forced to change") ; + header ("Location: main.php?plug=$plug&reset=1"); + exit; + } + } + } } - } - } - } - - /* are we using accountexpiration */ - if ($config->get_cfg_value("handleExpiredAccounts") == "true"){ - $expired= ldap_expired_account($config, $ui->dn, $ui->username); - - if ($expired == 1){ - $message= _("Account locked. Please contact your system administrator!"); - $smarty->assign ('nextfield', 'password'); - new log("security","login","",array(),"Account for user \"$username\" has expired") ; - } elseif ($expired == 3){ - $plist= new pluglist($config, $ui); - foreach ($plist->dirlist as $key => $value){ - if (preg_match("/\bpassword\b/i",$value)){ - $plug=$key; - new log("security","login","",array(),"User \"$username\" password forced to change") ; - header ("Location: main.php?plug=$plug&reset=1"); - exit; + + /* Not account expired or password forced change go to main page */ + new log("security","login","",array(),"User \"$username\" logged in successfully") ; + $plist= new pluglist($config, $ui); + if(isset($plug) && isset($plist->dirlist[$plug])) { + header ("Location: main.php?plug=".$plug."&global_check=1"); + }else{ + header ("Location: main.php?global_check=1"); } - } + exit; } - } - - /* Not account expired or password forced change go to main page */ - new log("security","login","",array(),"User \"$username\" logged in successfully") ; - $plist= new pluglist($config, $ui); - if(isset($plug) && isset($plist->dirlist[$plug])){ - header ("Location: main.php?plug=".$plug."&global_check=1"); - }else{ - header ("Location: main.php?global_check=1"); - } - exit; } - } } /* Fill template with required values */ @@ -415,8 +415,8 @@ $smarty->assign ('password_img', get_template_path('images/password.png')); $smarty->assign ('directory_img', get_template_path('images/ldapserver.png')); /* Some error to display? */ -if (!isset($message)){ - $message= ""; +if (!isset($message)) { + $message= ""; } $smarty->assign ("message", $message); @@ -426,34 +426,34 @@ $smarty->assign ("cookies", _("Your browser has cookies disabled. Please enable /* Generate server list */ $servers= array(); -if (isset($_POST['server'])){ - $selected= validate($_POST['server']); +if (isset($_POST['server'])) { + $selected= validate($_POST['server']); } else { - $selected= $config->data['MAIN']['DEFAULT']; + $selected= $config->data['MAIN']['DEFAULT']; } -foreach ($config->data['LOCATIONS'] as $key => $ignored){ - $servers[$key]= $key; +foreach ($config->data['LOCATIONS'] as $key => $ignored) { + $servers[$key]= $key; } $smarty->assign ("server_options", $servers); $smarty->assign ("server_id", $selected); /* show login screen */ $smarty->assign ("PHPSESSID", session_id()); -if (session::is_set('errors')){ - $smarty->assign("errors", session::get('errors')); +if (session::is_set('errors')) { + $smarty->assign("errors", session::get('errors')); } -if ($error_collector != ""){ - $smarty->assign("php_errors", preg_replace("/%BUGBODY%/",$error_collector_mailto,$error_collector).""); +if ($error_collector != "") { + $smarty->assign("php_errors", preg_replace("/%BUGBODY%/",$error_collector_mailto,$error_collector).""); } else { - $smarty->assign("php_errors", ""); + $smarty->assign("php_errors", ""); } /* Set focus to the error button if we've an error message */ $focus= ""; -if (session::is_set('errors') && session::get('errors') != ""){ - $focus= ''; +if (session::is_set('errors') && session::get('errors') != "") { + $focus= ''; } $smarty->assign("focus", $focus); displayLogin(); diff --git a/gosa-core/html/password.php b/gosa-core/html/password.php index 459512228..3eecd2e10 100644 --- a/gosa-core/html/password.php +++ b/gosa-core/html/password.php @@ -22,18 +22,18 @@ function displayPWchanger() { - global $smarty; + global $smarty; - $smarty->display(get_template_path('password.tpl')); - exit(); + $smarty->display(get_template_path('password.tpl')); + exit(); } /* Load required includes */ -require_once ("../include/php_setup.inc"); -require_once ("functions.inc"); +require_once "../include/php_setup.inc"; +require_once "functions.inc"; -if(!class_exists("log")){ - require_once("class_log.inc"); +if (!class_exists("log")) { + require_once("class_log.inc"); } header("Content-type: text/html; charset=UTF-8"); @@ -41,49 +41,66 @@ header("Content-type: text/html; charset=UTF-8"); session::start(); /* Destroy old session if exists. - Else you will get your old session back, if you not logged out correctly. */ -if(is_array(session::get_all()) && count(session::get_all())){ - session::destroy(); - session::start(); +Else you will get your old session back, if you not logged out correctly. */ +if (is_array(session::get_all()) && count(session::get_all())) { + session::destroy(); + session::start(); } /* Reset errors */ -session::global_set('js',true); -session::set('errors',""); -session::set('errorsAlreadyPosted',array()); -session::set('LastError',""); +session::global_set('js', true); +session::set('errors', ""); +session::set('errorsAlreadyPosted', array()); +session::set('LastError', ""); /* Check if CONFIG_FILE is accessible */ -if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)){ - msg_dialog::display(_("Fatal error"), sprintf(_("GOsa configuration %s/%s is not readable. Aborted."),CONFIG_DIR,CONFIG_FILE), FATAL_ERROR_DIALOG); - exit; +if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)) { + msg_dialog::display( + _("Fatal error"), + sprintf( + _("GOsa configuration %s/%s is not readable. Aborted."), + CONFIG_DIR, CONFIG_FILE + ), + FATAL_ERROR_DIALOG + ); + exit; } /* Parse configuration file */ $config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR); session::global_set('DEBUGLEVEL', $config->get_cfg_value("debuglevel")); -if ($_SERVER["REQUEST_METHOD"] != "POST"){ - @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config"); +if ($_SERVER["REQUEST_METHOD"] != "POST") { + @DEBUG( + DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config" + ); } /* Set template compile directory */ -$smarty->compile_dir= $config->get_cfg_value("templateCompileDirectory", '/var/spool/gosa'); +$smarty->compile_dir= $config->get_cfg_value( + "templateCompileDirectory", '/var/spool/gosa' +); /* Check for compile directory */ -if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))){ - msg_dialog::display(_("Configuration error"), sprintf(_("Directory '%s' specified as compile directory is not accessible!"), - $smarty->compile_dir), FATAL_ERROR_DIALOG); - exit; +if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))) { + msg_dialog::display( + _("Configuration error"), + sprintf( + _("Directory '%s' specified as compile directory is not accessible!"), + $smarty->compile_dir + ), + FATAL_ERROR_DIALOG + ); + exit; } /* Check for old files in compile directory */ clean_smarty_compile_dir($smarty->compile_dir); /* Language setup */ -if ($config->get_cfg_value("language") == ""){ - $lang= get_browser_language(); +if ($config->get_cfg_value("language") == "") { + $lang= get_browser_language(); } else { - $lang= $config->get_cfg_value("language"); + $lang= $config->get_cfg_value("language"); } $lang.=".UTF-8"; putenv("LANGUAGE="); @@ -99,33 +116,36 @@ textdomain($domain); /* Generate server list */ $servers= array(); -foreach ($config->data['LOCATIONS'] as $key => $ignored){ - $servers[$key]= $key; +foreach ($config->data['LOCATIONS'] as $key => $ignored) { + $servers[$key]= $key; } -if (isset($_POST['server'])){ - $directory= validate($_POST['server']); +if (isset($_POST['server'])) { + $directory= validate($_POST['server']); } else { - $directory= $config->data['MAIN']['DEFAULT']; + $directory= $config->data['MAIN']['DEFAULT']; - if(!isset($servers[$directory])){ - $directory = key($servers); - } + if (!isset($servers[$directory])) { + $directory = key($servers); + } } -if (isset($_GET['directory']) && isset($servers[$_GET['directory']])){ - $smarty->assign ("show_directory_chooser", false); - $directory= validate($_GET['directory']); +if (isset($_GET['directory']) && isset($servers[$_GET['directory']])) { + $smarty->assign("show_directory_chooser", false); + $directory= validate($_GET['directory']); } else { - $smarty->assign ("server_options", $servers); - $smarty->assign ("server_id", $directory); - $smarty->assign ("show_directory_chooser", true); + $smarty->assign("server_options", $servers); + $smarty->assign("server_id", $directory); + $smarty->assign("show_directory_chooser", true); } /* Set config to selected one */ $config->set_current($directory); -session::global_set('config',$config); +session::global_set('config', $config); -if ($_SERVER["REQUEST_METHOD"] != "POST"){ - @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to"); +if ($_SERVER["REQUEST_METHOD"] != "POST") { + @DEBUG( + DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, + $lang, "Setting language to" + ); } @@ -134,164 +154,181 @@ $ssl= ""; if (!isset($_SERVER['HTTPS']) || !stristr($_SERVER['HTTPS'], "on")) { - if (empty($_SERVER['REQUEST_URI'])) { - $ssl= "https://".$_SERVER['HTTP_HOST']. - $_SERVER['PATH_INFO']; - } else { - $ssl= "https://".$_SERVER['HTTP_HOST']. - $_SERVER['REQUEST_URI']; - } + if (empty($_SERVER['REQUEST_URI'])) { + $ssl= "https://".$_SERVER['HTTP_HOST']. + $_SERVER['PATH_INFO']; + } else { + $ssl= "https://".$_SERVER['HTTP_HOST']. + $_SERVER['REQUEST_URI']; + } } /* If SSL is forced, just forward to the SSL enabled site */ -if ($config->get_cfg_value("forcessl") == 'true' && $ssl != ''){ - header ("Location: $ssl"); - exit; +if ($config->get_cfg_value("forcessl") == 'true' && $ssl != '') { + header("Location: $ssl"); + exit; } /* Check for selected password method */ $method= $config->get_cfg_value("hash", "crypt/md5"); -if (isset($_GET['method'])){ - $method= validate($_GET['method']); - $tmp = new passwordMethod($config); - $available = $tmp->get_available_methods(); - if (!isset($available[$method])){ - msg_dialog::display(_("Password method"),_("Error: Password method not available!"),FATAL_ERROR_DIALOG); - exit; - } +if (isset($_GET['method'])) { + $method= validate($_GET['method']); + $tmp = new passwordMethod($config); + $available = $tmp->get_available_methods(); + if (!isset($available[$method])) { + msg_dialog::display( + _("Password method"), + _("Error: Password method not available!"), + FATAL_ERROR_DIALOG + ); + exit; + } } /* Check for selected user... */ -if (isset($_GET['uid']) && $_GET['uid'] != ""){ - $uid= validate($_GET['uid']); - $smarty->assign('display_username', false); -} elseif (isset($_POST['uid'])){ - $uid= validate($_POST['uid']); - $smarty->assign('display_username', true); +if (isset($_GET['uid']) && $_GET['uid'] != "") { + $uid= validate($_GET['uid']); + $smarty->assign('display_username', false); +} elseif (isset($_POST['uid'])) { + $uid= validate($_POST['uid']); + $smarty->assign('display_username', true); } else { - $uid= ""; - $smarty->assign('display_username', true); + $uid= ""; + $smarty->assign('display_username', true); } $current_password= ""; $smarty->assign("changed", false); /* Got a formular answer, validate and try to log in */ -if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])){ - - /* Destroy old sessions, they cause a successfull login to relog again ...*/ - if(session::global_is_set('_LAST_PAGE_REQUEST')){ - session::global_set('_LAST_PAGE_REQUEST',time()); - } - - $message= array(); - $current_password= $_POST['current_password']; - - /* Do new and repeated password fields match? */ - $new_password= $_POST['new_password']; - if ($_POST['new_password'] != $_POST['new_password_repeated']){ - $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); - } else { - if ($_POST['new_password'] == ""){ - $message[]= msgPool::required(_("New password")); - } - } - - /* Password policy fulfilled? */ - if ($config->get_cfg_value("passwordMinDiffer") != ""){ - $l= $config->get_cfg_value("passwordMinDiffer"); - if (substr($_POST['current_password'], 0, $l) == substr($_POST['new_password'], 0, $l)){ - $message[]= _("The password used as new and current are too similar."); - } - } - if ($config->get_cfg_value("passwordMinLength") != ""){ - if (strlen($_POST['new_password']) < $config->get_cfg_value("passwordMinLength")){ - $message[]= _("The password used as new is to short."); - } - } - - /* Validate */ - if (!tests::is_uid($uid)){ - $message[]= msgPool::invalid(_("Login")); - } elseif (mb_strlen($_POST["current_password"], 'UTF-8') == 0){ - $message[]= msgPool::required(_("Current password")); - } else { - - /* Do we have the selected user somewhere? */ - $ui= ldap_login_user ($uid, $current_password); - - if ($ui === NULL){ - $message[]= _("Please check the username/password combination."); +if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])) { + + /* Destroy old sessions, they cause a successfull login to relog again ...*/ + if (session::global_is_set('_LAST_PAGE_REQUEST')) { + session::global_set('_LAST_PAGE_REQUEST', time()); + } + + $message= array(); + $current_password= $_POST['current_password']; + + /* Do new and repeated password fields match? */ + $new_password= $_POST['new_password']; + if ($_POST['new_password'] != $_POST['new_password_repeated']) { + $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); } else { - $acls = $ui->get_permissions($ui->dn,"users/password"); - if(!preg_match("/w/i",$acls)){ - $message[]= _("You have no permissions to change your password."); - } + if ($_POST['new_password'] == "") { + $message[]= msgPool::required(_("New password")); + } + } + + /* Password policy fulfilled? */ + if ($config->get_cfg_value("passwordMinDiffer") != "") { + $l= $config->get_cfg_value("passwordMinDiffer"); + if (substr($_POST['current_password'], 0, $l) == + substr($_POST['new_password'], 0, $l)) { + $message[]= _("The password used as new and current are too similar."); + } + } + if ($config->get_cfg_value("passwordMinLength") != "") { + if (strlen($_POST['new_password']) < + $config->get_cfg_value("passwordMinLength")) { + $message[]= _("The password used as new is to short."); + } + } + + /* Validate */ + if (!tests::is_uid($uid)) { + $message[]= msgPool::invalid(_("Login")); + } elseif (mb_strlen($_POST["current_password"], 'UTF-8') == 0) { + $message[]= msgPool::required(_("Current password")); + } else { + + /* Do we have the selected user somewhere? */ + $ui= ldap_login_user($uid, $current_password); + + if ($ui === NULL) { + $message[]= _("Please check the username/password combination."); + } else { + $acls = $ui->get_permissions($ui->dn, "users/password"); + if (!preg_match("/w/i", $acls)) { + $message[]= _("You have no permissions to change your password."); + } + } + } + + /* Do we need to show error messages? */ + if (count($message) != 0) { + /* Show error message and continue editing */ + msg_dialog::displayChecks($message); + } else { + + /* Passed quality check, just try to change the password now */ + $output= ""; + if ($config->get_cfg_value("passwordHook") != "") { + exec( + $config->get_cfg_value("passwordHook")." ".$ui->username." ". + $_POST['current_password']." ".$_POST['new_password'], + $resarr + ); + if (count($resarr) > 0) { + $output= join('\n', $resarr); + } + } + if ($output != "") { + $message[]= sprintf( + _("External password changer reported a problem: %s"), + $output + ); + msg_dialog::displayChecks($message); + } else { + if ($method != "") { + change_password($ui->dn, $_POST['new_password'], 0, $method); + } else { + change_password($ui->dn, $_POST['new_password']); + } + gosa_log("User/password has been changed"); + $smarty->assign("changed", true); + } } - } - - /* Do we need to show error messages? */ - if (count ($message) != 0){ - /* Show error message and continue editing */ - msg_dialog::displayChecks($message); - } else { - - /* Passed quality check, just try to change the password now */ - $output= ""; - if ($config->get_cfg_value("passwordHook") != ""){ - exec($config->get_cfg_value("passwordHook")." ".$ui->username." ". - $_POST['current_password']." ".$_POST['new_password'], $resarr); - if(count($resarr) > 0) { - $output= join('\n', $resarr); - } - } - if ($output != ""){ - $message[]= _("External password changer reported a problem: ".$output); - msg_dialog::displayChecks($message); - } else { - if ($method != ""){ - change_password ($ui->dn, $_POST['new_password'], 0, $method); - } else { - change_password ($ui->dn, $_POST['new_password']); - } - gosa_log ("User/password has been changed"); - $smarty->assign("changed", true); - } - } } /* Parameter fill up */ $params= ""; -foreach (array('uid', 'method', 'directory') as $index){ - $params.= "&$index=".urlencode($$index); +foreach (array('uid', 'method', 'directory') as $index) { + $params.= "&$index=".urlencode($$index); } $params= preg_replace('/^&/', '?', $params); $smarty->assign('params', $params); /* Fill template with required values */ -$smarty->assign ('date', gmdate("D, d M Y H:i:s")); -$smarty->assign ('uid', $uid); -$smarty->assign ('password_img', get_template_path('images/password.png')); +$smarty->assign('date', gmdate("D, d M Y H:i:s")); +$smarty->assign('uid', $uid); +$smarty->assign('password_img', get_template_path('images/password.png')); /* Displasy SSL mode warning? */ -if ($ssl != "" && $config->get_cfg_value("warnssl") == 'true'){ - $smarty->assign ("ssl", ""._("Warning").": "._("Session will not be encrypted.")." "._("Enter SSL session")."!"); +if ($ssl != "" && $config->get_cfg_value("warnssl") == 'true') { + $smarty->assign( + "ssl", + ""._("Warning").": "._("Session will not be encrypted."). + " ". + _("Enter SSL session")."!" + ); } else { - $smarty->assign ("ssl", ""); + $smarty->assign("ssl", ""); } /* show login screen */ -$smarty->assign("JS",session::global_get('js')); -$smarty->assign ("PHPSESSID", session_id()); -if (session::is_set('errors')){ - $smarty->assign("errors", session::get('errors'));; +$smarty->assign("JS", session::global_get('js')); +$smarty->assign("PHPSESSID", session_id()); +if (session::is_set('errors')) { + $smarty->assign("errors", session::get('errors'));; } -if ($error_collector != ""){ - $smarty->assign("php_errors", $error_collector.""); +if ($error_collector != "") { + $smarty->assign("php_errors", $error_collector.""); } else { - $smarty->assign("php_errors", ""); + $smarty->assign("php_errors", ""); } $smarty->assign("msg_dialogs", msg_dialog::get_dialogs()); -- 2.30.2