From 3e715c75e26ea7492063d753a904fe810d2bb9bb Mon Sep 17 00:00:00 2001 From: cajus Date: Mon, 9 Jul 2007 14:26:27 +0000 Subject: [PATCH] Added non-login password dialog which closes #86 git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@6783 594d385d-05f5-0310-b6e9-bd551577e9d8 --- Changelog | 1 + FAQ | 8 ++ html/index.php | 3 - html/password.php | 156 ++++++++++++++++++++++--- html/themes/default/password-style.css | 53 +++++++++ ihtml/themes/default/password.tpl | 123 +++++++++++++++++++ include/class_password-methods.inc | 1 - include/functions.inc | 3 +- 8 files changed, 326 insertions(+), 22 deletions(-) create mode 100644 html/themes/default/password-style.css create mode 100644 ihtml/themes/default/password.tpl diff --git a/Changelog b/Changelog index a9f34cbf4..2c60d8fe2 100644 --- a/Changelog +++ b/Changelog @@ -6,6 +6,7 @@ GOsa2 changelog - Fixed several IE6 related Java-Script problems - Removed png.js by default. Looks ugly, but performs. Take a look at the FAQ on how to re-enable it for IE. + - Added non-login password change dialog * gosa 2.5.11a - Added chinese translation diff --git a/FAQ b/FAQ index 25eb63fc2..b99bc62c7 100644 --- a/FAQ +++ b/FAQ @@ -393,3 +393,11 @@ A: Use Firefox, Konqueror, Safari, Opera, IE >= 7, etc. IE is broken and If you have much time, you can provide a seamless integration with MS filter css extension. + + +Q: Is there a way to let users change passwords without logging into GOsa? + +A: Yes. Browse to "password.php". You can preset a couple of things i.e.: + + http://your.admin.server/password.php?uid=cajus&method=md5&directory=GONICUS+GmbH + diff --git a/html/index.php b/html/index.php index f57227ddd..33ff26197 100644 --- a/html/index.php +++ b/html/index.php @@ -108,9 +108,6 @@ if (!file_exists(CONFIG_DIR."/".CONFIG_FILE)){ exit(); } -/* Reset errors */ -$_SESSION['errors']= ""; - /* Check for java script */ if(isset($_POST['javascript']) && $_POST['javascript'] == "true") { $_SESSION['js']= TRUE; diff --git a/html/password.php b/html/password.php index 4520af895..901469f3b 100644 --- a/html/password.php +++ b/html/password.php @@ -18,11 +18,11 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ - function displayPWchanger() { global $smarty; - $smarty->display(get_template_path('passwords.tpl')); + + $smarty->display(get_template_path('password.tpl')); exit(); } @@ -41,6 +41,7 @@ if(is_array($_SESSION) && count($_SESSION)){ } /* Reset errors */ +$_SESSION['js'] = true; $_SESSION['errors'] = ""; $_SESSION['errorsAlreadyPosted']= array(); $_SESSION['LastError'] = ""; @@ -93,6 +94,28 @@ $domain = 'messages'; bindtextdomain($domain, "$BASE_DIR/locale"); textdomain($domain); +/* Generate server list */ +$servers= array(); +if (isset($_POST['server'])){ + $directory= validate($_POST['server']); +} else { + $directory= $config->data['MAIN']['DEFAULT']; +} +foreach ($config->data['LOCATIONS'] as $key => $ignored){ + $servers[$key]= $key; +} +if (isset($_GET['directory']) && isset($servers[$_GET['directory']])){ + $smarty->assign ("show_directory_chooser", false); + $directory= validate($_GET['directory']); +} else { + $smarty->assign ("server_options", $servers); + $smarty->assign ("server_id", $directory); + $smarty->assign ("show_directory_chooser", true); +} + +/* Set config to selected one */ +$config->set_current($directory); +$_SESSION['config']= $config; if ($_SERVER["REQUEST_METHOD"] != "POST"){ @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to"); @@ -119,32 +142,133 @@ if ($config->data['MAIN']['FORCESSL'] == 'true' && $ssl != ''){ exit; } -/* Got a formular answer, validate and try to log in */ -if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])){ +/* Check for selected password method */ +$method= ""; +if (isset($_GET['method'])){ + $method= validate($_GET['method']); + $tmp = new passwordMethod($config); + $available = $tmp->get_available_methods_if_not_loaded(); + if (!isset($available[$method])){ + echo _("Error: Password method not available!"); + exit; + } +} - /* Reset error messages */ - $message= ""; + +/* Check for selected user... */ +if (isset($_GET['uid']) && $_GET['uid'] != ""){ + $uid= validate($_GET['uid']); + $smarty->assign('display_username', false); +} elseif (isset($_POST['uid'])){ + $uid= validate($_POST['uid']); + $smarty->assign('display_username', true); +} else { + $uid= ""; + $smarty->assign('display_username', true); +} +$current_password= ""; +$smarty->assign("changed", false); + +/* Got a formular answer, validate and try to log in */ +if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])){ /* Destroy old sessions, they cause a successfull login to relog again ...*/ if(isset($_SESSION['_LAST_PAGE_REQUEST'])){ $_SESSION['_LAST_PAGE_REQUEST'] = time(); } - echo "Well - I'm lazy..."; + $message= array(); + $current_password= $_POST['current_password']; + + /* Do new and repeated password fields match? */ + $new_password= $_POST['new_password']; + if ($_POST['new_password'] != $_POST['new_password_repeated']){ + $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); + } else { + if ($_POST['new_password'] == ""){ + $message[]= _("The password you've entered as 'New password' is empty."); + } + } + + /* Password policy fulfilled? */ + if (isset($config->data['MAIN']['PWDIFFER'])){ + $l= $config->data['MAIN']['PWDIFFER']; + if (substr($_POST['current_password'], 0, $l) == substr($_POST['new_password'], 0, $l)){ + $message[]= _("The password used as new and current are too similar."); + } + } + if (isset($config->data['MAIN']['PWMINLEN'])){ + if (strlen($_POST['new_password']) < $config->data['MAIN']['PWMINLEN']){ + $message[]= _("The password used as new is to short."); + } + } + + /* Validate */ + if (!ereg("^[A-Za-z0-9_.-]+$", $uid)){ + $message[]= _("Please specify a valid username!"); + } elseif (mb_strlen($_POST["current_password"], 'UTF-8') == 0){ + $message[]= _("Please specify your password!"); + } else { + + /* Do we have the selected user somewhere? */ + $ui= ldap_login_user ($uid, $current_password); + if ($ui == NULL){ + $message[]= _(""); + } else { + /* Check acl... */ + $ca= get_permissions ($ui->dn, $ui->subtreeACL); + $ca= get_module_permission($ca, "user", $ui->dn); + if (chkacl($ca, "password") != ""){ + $message[]= _("You have no permissions to change your password."); + } + } + } + + /* Do we need to show error messages? */ + if (count ($message) != 0){ + /* Show error message and continue editing */ + show_errors($message); + } else { + + /* Passed quality check, just try to change the password now */ + $output= ""; + if (isset($config->data['MAIN']['EXTERNALPWDHOOK'])){ + exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".$ui->username." ". + $_POST['current_password']." ".$_POST['new_password'], $resarr); + if(count($resarr) > 0) { + $output= join('\n', $resarr); + } + } + if ($output != ""){ + $message[]= _("External password changer reported a problem: ".$output); + show_errors($message); + } else { + if ($method != ""){ + change_password ($ui->dn, $_POST['new_password'], 0, $method); + } else { + change_password ($ui->dn, $_POST['new_password']); + } + gosa_log ("User/password has been changed"); + $smarty->assign("changed", true); + } + } + + } +/* Parameter fill up */ +$params= ""; +foreach (array('uid', 'method', 'directory') as $index){ + $params.= "&$index=".urlencode($$index); +} +$params= preg_replace('/^&/', '?', $params); +$smarty->assign('params', $params); + /* Fill template with required values */ $smarty->assign ('date', gmdate("D, d M Y H:i:s")); -$smarty->assign ('username', $username); +$smarty->assign ('uid', $uid); $smarty->assign ('password_img', get_template_path('images/password.png')); -/* Some error to display? */ -if (!isset($message)){ - $message= ""; -} - -$smarty->assign ("message", $message); - /* Displasy SSL mode warning? */ if ($ssl != "" && $config->data['MAIN']['WARNSSL'] == 'true'){ $smarty->assign ("ssl", ""._("Warning").":<\/b> "._("Session will not be encrypted.")." "._("Enter SSL session")."<\/b>!"); @@ -174,8 +298,8 @@ $smarty->assign("focus", $focus); displayPWchanger(); -// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?> +// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: diff --git a/html/themes/default/password-style.css b/html/themes/default/password-style.css new file mode 100644 index 000000000..c6c576bda --- /dev/null +++ b/html/themes/default/password-style.css @@ -0,0 +1,53 @@ +body { + margin-left:0px; + margin-right:0px; + margin-top:0px; + margin-bottom:0px; + background-color:white; + color:#00008F; + font-family:arial,helvetica,sans-serif; + font-size:12px; +} + +h1 { + margin:0px; + background-color:#A9FBA6; + border-bottom:1px solid #AAA; + padding-top:0.2em; + padding-bottom:0.2em; +} + +img.center { + text-align:center; + vertical-align:middle; +} + +h1.headline { + font-size:2em; +} + +div.success { + padding:1em; +} + +p.infotext { + padding:0.5em; +} + +table { + border-spacing:0.5em; +} + +div.change { + margin-right:0.5em; + text-align:right; +} + +div.ruler { + border-top:1px solid #AAA; + width:100%; + height:1px; + margin-top:0.5em; + margin-bottom:0.5em; +} + diff --git a/ihtml/themes/default/password.tpl b/ihtml/themes/default/password.tpl new file mode 100644 index 000000000..63f8fb4c8 --- /dev/null +++ b/ihtml/themes/default/password.tpl @@ -0,0 +1,123 @@ + + + + + GOsa - {t}Change your password{/t} + + + + + + + + + + + + + + + + {if isset($ieworkaround)}{/if} + + + + + +{* GOsa login - smarty template *} +{$php_errors} +{$errors} + +{if $changed} +
+{t}Success{/t} {t}Your password has been changed successfully.{/t} +
+{else} +
+

+ {t}Password{/t} + {t}Password change{/t} +

+ + +

{$ssl}

+ + {$focus} + + +

{$message}

+ + +

+ {t}This dialog provides a simple way to change your password. Enter the current password and the new password (twice) in the fields below and press the 'Change' button.{/t} +

+ +
+ + {if $show_directory_chooser} + + + + + {/if} + + + + + + + + + + + + + + + + +
{t}Directory{/t} + +
{t}Username{/t}{if $display_username} + + {else} + {$uid} + {/if} +
{t}Current password{/t}
{t}New password{/t}
{t}New password{/t} ({t}again{/t})
+ +
+ +
+ +
+ +

+ +

+ +
+ +{/if} + + + + + +
+ diff --git a/include/class_password-methods.inc b/include/class_password-methods.inc index 6d8dc0e3a..4ebc87bb7 100644 --- a/include/class_password-methods.inc +++ b/include/class_password-methods.inc @@ -122,7 +122,6 @@ function change_password ($dn, $password, $mode=0, $hash= "") $hash= strtolower($matches[1]); } - // Crypt with the detected Method $test = new $available[$hash]($config); $test->attrs= $attrs; diff --git a/include/functions.inc b/include/functions.inc index ddb9e1465..8867c0674 100644 --- a/include/functions.inc +++ b/include/functions.inc @@ -1185,8 +1185,7 @@ function print_red() "position:absolute' id='e_layer'>". "". - "

"._("An error occurred while processing your request"). - "

$string

$addmsg


"; -- 2.30.2