source: branches/2.0/preferences/changepassword.php @ 3048

Revision 3048, 7.7 KB checked in by niltonneto, 14 years ago (diff)

Ticket #1142 - Corrigido alteração de senha para registrar no log do ExpressoAdmin.

  • Property svn:eol-style set to native
  • Property svn:executable set to *
1<?php
2        /**************************************************************************\
3        * phpGroupWare - preferences                                               *
4        * http://www.phpgroupware.org                                              *
5        * Written by Joseph Engo <jengo@phpgroupware.org>                          *
6        * --------------------------------------------                             *
7        *  This program is free software; you can redistribute it and/or modify it *
8        *  under the terms of the GNU General Public License as published by the   *
9        *  Free Software Foundation; either version 2 of the License, or (at your  *
10        *  option) any later version.                                              *
11        \**************************************************************************/
12
13
// Page flags are assigned before the framework bootstrap is included.
// 'noheader' / 'nonavbar' presumably stop the bootstrap from printing the
// page header and navbar itself (this script calls phpgw_header() and
// parse_navbar() explicitly further down) - confirm against header.inc.php.
$GLOBALS['phpgw_info']['flags'] = array(
    'noheader'   => true,
    'nonavbar'   => true,
    'currentapp' => 'preferences',
);

// Framework bootstrap, resolved relative to the preferences/ directory.
include '../header.inc.php';
21
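/**
 * Encrypts a user's new password with the certificate stored on their LDAP
 * entry and writes the result to that entry's "cryptpassword" attribute.
 *
 * The directory is searched, bound as the configured root DN, for the entry
 * whose uidNumber equals $aux_uid; exactly one match is required.
 *
 * @param int|string $aux_uid   Numeric uidNumber of the account.
 * @param string     $aux_senha New password in clear text.
 *
 * @return bool True only when the encrypted password was written. False when
 *              the uid is not numeric, when connect/bind/search/modify fails,
 *              when zero or several entries match, when the entry has no
 *              certificate, or when encryption fails.
 */
function grava_senha_criptografada_com_certificado_no_ldap($aux_uid,$aux_senha)
{
    require_once('/var/www/expresso/security/classes/CertificadoB.php');

    // The uid is concatenated into the LDAP filter below, so only digits are
    // accepted; anything else could alter the filter's meaning.
    if (!preg_match('/^[0-9]+$/', (string) $aux_uid))
    {
        return false;
    }

    $ldap_context  = $GLOBALS['phpgw_info']['server']['ldap_context'];
    $ldap_servidor = $GLOBALS['phpgw_info']['server']['ldap_host'];
    $ldap_dn       = $GLOBALS['phpgw_info']['server']['ldap_root_dn'];
    $ldap_passwd   = $GLOBALS['phpgw_info']['server']['ldap_root_pw'];

    $cc = ldap_connect($ldap_servidor);
    if (!$cc)
    {
        return false;
    }

    // NOTE(review): this bind sends the root DN password; whether the link is
    // protected depends on the configured ldap_host (ldaps:// or StartTLS),
    // which is not visible here - confirm.
    if (!ldap_bind($cc, $ldap_dn, $ldap_passwd))
    {
        ldap_close($cc);
        return false;
    }

    // Look the account up by uidNumber.
    $sr = ldap_search($cc, $ldap_context, 'uidNumber=' . $aux_uid);
    if (!$sr)
    {
        ldap_close($cc);
        return false;
    }

    $info = ldap_get_entries($cc, $sr);

    // Exactly one entry must match; none or several is treated as failure.
    if (!$info || $info["count"] != 1)
    {
        ldap_close($cc);
        return false;
    }

    // User has no certificate registered: nothing to encrypt with.
    if (empty($info[0]["usercertificate"][0]))
    {
        ldap_close($cc);
        return false;
    }

    $a = new certificadoB();
    $R = $a->encriptar_senha($aux_senha, $info[0]["usercertificate"][0]);
    if (!$R)
    {
        // Close the connection on this path too.
        ldap_close($cc);
        return false;
    }

    // Report the real outcome of the write instead of assuming success.
    $gravou = ldap_modify($cc, $info[0]["dn"], array('cryptpassword' => $R));

    ldap_close($cc);

    return (bool) $gravou;
}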
72
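// Read the three password fields from the POST body. A missing field (the
// first GET of the page) or a non-string value (e.g. "n_passwd[]=x") becomes
// the empty string, so later code only ever sees strings.
$a_passwd   = (isset($_POST['a_passwd'])   && is_string($_POST['a_passwd']))   ? $_POST['a_passwd']   : '';
$n_passwd   = (isset($_POST['n_passwd'])   && is_string($_POST['n_passwd']))   ? $_POST['n_passwd']   : '';
$n_passwd_2 = (isset($_POST['n_passwd_2']) && is_string($_POST['n_passwd_2'])) ? $_POST['n_passwd_2'] : '';

// Leave the page when the user lacks the 'changepassword' ACL right or
// pressed Cancel.
if (!$GLOBALS['phpgw']->acl->check('changepassword', 1) || !empty($_POST['cancel']))
{
    // lastpasswd_change == '0' and no Cancel: send the user back to the
    // login page with cd=6 instead of letting them continue.
    if (($GLOBALS['phpgw_info']['user']['lastpasswd_change'] == '0') && empty($_POST['cancel']))
        $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=6'));

    if ($GLOBALS['phpgw_info']['server']['use_https'] == 1)
    {
        // NOTE(review): the redirect target is built from the request's Host
        // header, which the client controls, and uses plain http. Confirm the
        // web server only answers for known host names, or build the URL from
        // a configured server name.
        header('Location: http://' . $_SERVER['HTTP_HOST'] . $GLOBALS['phpgw_info']['server']['webserver_url'] . '/preferences/index.php');
    }
    else
    {
        $GLOBALS['phpgw']->redirect_link('/preferences/index.php');
    }

    $GLOBALS['phpgw']->common->phpgw_exit();
}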
89
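// Load the form template and fill in its translated labels and post target.
$GLOBALS['phpgw']->template->set_file(array(
    'form' => 'changepassword.tpl'
));
$GLOBALS['phpgw']->template->set_var('lang_enter_actual_password', lang('Enter your actual password'));
$GLOBALS['phpgw']->template->set_var('lang_enter_password', lang('Enter your new password'));
$GLOBALS['phpgw']->template->set_var('lang_reenter_password', lang('Re-enter your password'));
$GLOBALS['phpgw']->template->set_var('lang_change', lang('Change'));
$GLOBALS['phpgw']->template->set_var('lang_cancel', lang('Cancel'));
$GLOBALS['phpgw']->template->set_var('form_action', $GLOBALS['phpgw']->link('/preferences/changepassword.php'));

// cd=1 in the query string means the user was sent here because the password
// expired. isset() avoids reading a missing key on a normal page load.
if (isset($_GET['cd']) && $_GET['cd'] == 1)
{
    $lang1 = lang('Your password has expired');
    $lang2 = lang('You must register a new password');
    // Only translated strings are interpolated into this markup, no request data.
    $GLOBALS['phpgw']->template->set_var('messages',"<font color=red><h1>$lang1.<br>$lang2.</h1></font>");
}

// With a non-LDAP auth backend the mail password is not changed by this form.
if ($GLOBALS['phpgw_info']['server']['auth_type'] != 'ldap')
{
    $GLOBALS['phpgw']->template->set_var('sql_message',lang('note: This feature does *not* change your email password. This will '
        . 'need to be done manually.'));
}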
112
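// Handle the submitted form: validate, change the password, write the audit
// log entry, run the 'changepassword' hooks and redirect. Without a 'change'
// field the empty form is shown instead.
if (!empty($_POST['change']))
{
    // Start from a known-empty list so validation never depends on a
    // variable defined elsewhere.
    $errors = array();

    // Default minimum length = 3
    if (empty($GLOBALS['phpgw_info']['server']['num_letters_userpass']))
        $GLOBALS['phpgw_info']['server']['num_letters_userpass'] = 3;
    // Default number of non-letter characters = 0
    if (empty($GLOBALS['phpgw_info']['server']['num_special_letters_userpass']))
        $GLOBALS['phpgw_info']['server']['num_special_letters_userpass'] = 0;

    // An empty or non-string current password is rejected before it reaches
    // the auth backend: many LDAP servers treat a simple bind with an empty
    // password as anonymous, and whether auth->authenticate() already guards
    // against that is not visible here.
    if (!is_string($a_passwd) || $a_passwd === ''
        || !$GLOBALS['phpgw']->auth->authenticate($GLOBALS['phpgw_info']['user']['account_lid'], $a_passwd))
    {
        $errors[] = lang('Your actual password is wrong');
    }
    // Strict comparison: with != two different numeric-looking strings such
    // as "1e3" and "1000" compare equal and the mismatch goes unnoticed.
    else if ($n_passwd !== $n_passwd_2)
    {
        $errors[] = lang('The two passwords are not the same');
    }
    else if ($a_passwd === $n_passwd)
    {
        $errors[] = lang('Your old password and your new password are the same. Choose a different new password');
    }
    // Explicit emptiness test; a bare truthiness test also rejects "0".
    else if (!is_string($n_passwd) || $n_passwd === '')
    {
        $errors[] = lang('You must enter a password');
    }
    else if (strlen($n_passwd) < $GLOBALS['phpgw_info']['server']['num_letters_userpass'])
    {
        $errors[] = lang('Your password must contain %1 or more letters', $GLOBALS['phpgw_info']['server']['num_letters_userpass']);
    }

    // Count the bytes that are not ASCII letters. preg_match() replaces
    // ereg(), which was removed in PHP 7.
    $speccial_letter = 0;
    $n_len = is_string($n_passwd) ? strlen($n_passwd) : 0;
    for ($i = 0; $i < $n_len; $i++)
    {
        $letter = $n_passwd[$i];
        if (!preg_match('/[a-zA-Z]/', $letter))
            $speccial_letter++;
    }
    if ($speccial_letter < $GLOBALS['phpgw_info']['server']['num_special_letters_userpass'])
    {
        $errors[] = lang('Your password must contain at least %1 numbers or characters special', $GLOBALS['phpgw_info']['server']['num_special_letters_userpass']);
    }

    // Any validation error: show the form again with the messages and stop.
    if (count($errors) > 0)
    {
        $GLOBALS['phpgw']->common->phpgw_header();
        echo parse_navbar();
        $GLOBALS['phpgw']->template->set_var('messages',$GLOBALS['phpgw']->common->error_list($errors));
        $GLOBALS['phpgw']->template->pfp('out','form');
        $GLOBALS['phpgw']->common->phpgw_exit(True);
    }

    $o_passwd = $GLOBALS['phpgw_info']['user']['passwd'];
    $passwd_changed = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd);
    if (!$passwd_changed)
    {
        $errors[] = lang('Failed to change password') . ". " . lang('Please contact your administrator') . '.';
        $GLOBALS['phpgw']->common->phpgw_header();
        echo parse_navbar();
        $GLOBALS['phpgw']->template->set_var('messages',$GLOBALS['phpgw']->common->error_list($errors));
        $GLOBALS['phpgw']->template->pfp('out','form');
        $GLOBALS['phpgw']->common->phpgw_exit(True);
    }
    else
    {
        $GLOBALS['phpgw_info']['user']['passwd'] = $passwd_changed;

        // Record the change in the ExpressoAdmin log. The session key is set
        // first; presumably write_log() reads the acting account from it -
        // confirm in class.db_functions.inc.php.
        $_SESSION['phpgw_info']['expresso']['user']['account_lid'] = $GLOBALS['phpgw_info']['user']['account_lid'];
        // include_once: a second load of the class file would be a fatal
        // "cannot redeclare" error if something earlier already pulled it in.
        include_once('../expressoAdmin1_2/inc/class.db_functions.inc.php');
        $db_functions = new db_functions();
        $db_functions->write_log('modified user password','User change its own password in preferences');

        // NOTE(review): both clear-text passwords stay in $GLOBALS['hook_values']
        // for the rest of the request. If nothing reads them after the hook
        // has run, consider clearing them - confirm against the hook consumers.
        $GLOBALS['hook_values']['account_id'] = $GLOBALS['phpgw_info']['user']['account_id'];
        $GLOBALS['hook_values']['old_passwd'] = $o_passwd;
        $GLOBALS['hook_values']['new_passwd'] = $n_passwd;
        $GLOBALS['phpgw']->hooks->process('changepassword');

        // Certificate mode: also store the certificate-encrypted password in
        // LDAP when the user attribute is unset or "person".
        if (!empty($GLOBALS['phpgw_info']['server']['certificado']))
        {
            if (empty($GLOBALS['phpgw_info']['server']['atributousuarios']) or $GLOBALS['phpgw_info']['server']['atributousuarios'] == "person")
            {
                // The result is not acted on: false covers both "no
                // certificate on the entry" and a real directory failure.
                $RR = grava_senha_criptografada_com_certificado_no_ldap($GLOBALS['phpgw_info']['user']['account_id'],$n_passwd);
            }
        }

        if ($GLOBALS['phpgw_info']['server']['use_https'] == 1)
        {
            // NOTE(review): the redirect target is built from the request's
            // Host header, which the client controls, and uses plain http.
            // Confirm the web server only answers for known host names, or
            // build the URL from a configured server name.
            header('Location: http://' . $_SERVER['HTTP_HOST'] . $GLOBALS['phpgw_info']['server']['webserver_url'] . '/preferences/index.php');
        }
        else
        {
            $GLOBALS['phpgw']->redirect_link('/preferences/index.php','cd=18');
        }
    }
}
else
{
    // No submission yet: render the empty change-password form.
    $GLOBALS['phpgw_info']['flags']['app_header'] = lang('Change your password');
    $GLOBALS['phpgw']->common->phpgw_header();
    echo parse_navbar();

    $GLOBALS['phpgw']->template->pfp('out','form');
    $GLOBALS['phpgw']->common->phpgw_footer();
}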
210?>