Context Navigation

source: companies/serpro/preferences/changepassword.php @ 903

Revision 903, 10.5 KB checked in by niltonneto, 15 years ago (diff)
Importacao inicial do Expresso do Serpro

Line
1	<?php
2	/**************************************************************************\
3	* phpGroupWare - preferences *
4	* http://www.phpgroupware.org *
5	* Written by Joseph Engo <jengo@phpgroupware.org> *
6	* -------------------------------------------- *
7	* This program is free software; you can redistribute it and/or modify it *
8	* under the terms of the GNU General Public License as published by the *
9	* Free Software Foundation; either version 2 of the License, or (at your *
10	* option) any later version. *
11	\**************************************************************************/
12
13
14	$GLOBALS['phpgw_info']['flags'] = array(
15	'noheader' => True,
16	'nonavbar' => True,
17	'currentapp' => 'preferences'
18	);
19
20	include('../header.inc.php');
21
22
23	function grava_senha_criptografada_com_certificado_no_ldap($aux_uid,$aux_senha)
24	{
25	require_once('/var/www/expresso/seguranca/classes/CertificadoB.php');
26	$ldap_context = $GLOBALS['phpgw_info']['server']['ldap_context'];
27	$ldap_servidor = $GLOBALS['phpgw_info']['server']['ldap_host'];
28	$ldap_dn = $GLOBALS['phpgw_info']['server']['ldap_root_dn'];
29	$ldap_passwd = $GLOBALS['phpgw_info']['server']['ldap_root_pw'];
30
31	$cc=ldap_connect($ldap_servidor);
32
33	// bind ..
34	$sr=ldap_bind($cc,$ldap_dn,$ldap_passwd);
35
36	$filtro = 'uidNumber='.$aux_uid;
37
38	// Pesquisa uidNumber no LDAP
39	$sr=ldap_search($cc, $ldap_context,$filtro);
40
41	// Pega resultado ....
42	$info = ldap_get_entries($cc, $sr);
43
44	// Tem de achar sÃ³ uma entrada.....ao menos uma....
45	if($info["count"]!=1)
46	{
47	ldap_close($cc);
48	return false;
49	}
50
51	if(!$info[0]["usercertificate"][0])
52	{
53	//Usuario sem certificado cadastrado
54	ldap_close($cc);
55	return false;
56	}
57
58	$a = new certificadoB();
59	$R = $a->encriptar_senha($aux_senha,$info[0]["usercertificate"][0]);
60	if(!$R)
61	{
62	return false;
63	}
64	$user_info = array();
65	$aux1 = $info[0]["dn"];
66	$user_info['cryptpassword'] = $R;
67	ldap_modify($cc,$aux1,$user_info);
68
69	ldap_close($cc);
70
71	return true;
72	}
73
74
75	$a_passwd = $_POST['a_passwd'];
76	$n_passwd = $_POST['n_passwd'];
77	$n_passwd_2 = $_POST['n_passwd_2'];
78
79	if(!$GLOBALS['phpgw']->acl->check('changepassword', 1) \|\| $_POST['cancel'])
80	{
81	if ($GLOBALS['phpgw_info']['server']['use_https'] == 1)
82	Header('Location: http://' . $_SERVER['HTTP_HOST'] . $GLOBALS['phpgw_info']['server']['webserver_url'] . '/preferences/index.php');
83	else
84	$GLOBALS['phpgw']->redirect_link('/preferences/index.php');
85
86	$GLOBALS['phpgw']->common->phpgw_exit();
87	}
88
89	$GLOBALS['phpgw']->template->set_file(array(
90	'form' => 'changepassword.tpl'
91	));
92	$GLOBALS['phpgw']->template->set_var('lang_enter_actual_password',lang('Enter your actual password'));
93	$GLOBALS['phpgw']->template->set_var('lang_enter_password',lang('Enter your new password'));
94	$GLOBALS['phpgw']->template->set_var('lang_reenter_password',lang('Re-enter your password'));
95	$GLOBALS['phpgw']->template->set_var('lang_change',lang('Change'));
96	$GLOBALS['phpgw']->template->set_var('lang_cancel',lang('Cancel'));
97	$GLOBALS['phpgw']->template->set_var('form_action',$GLOBALS['phpgw']->link('/preferences/changepassword.php'));
98
99	if ($GLOBALS['phpgw_info']['server']['auth_type'] != 'ldap')
100	{
101	$GLOBALS['phpgw']->template->set_var('sql_message',lang('note: This feature does not change your email password. This will '
102	. 'need to be done manually.'));
103	}
104
105	if ($_POST['change'])
106	{
107	// Default number of letters = 8
108	if (!$GLOBALS['phpgw_info']['server']['num_letters_userpass'])
109	$GLOBALS['phpgw_info']['server']['num_letters_userpass'] = 8;
110
111	// Default number of special letters = 1
112	if (!$GLOBALS['phpgw_info']['server']['num_special_letters_userpass'])
113	$GLOBALS['phpgw_info']['server']['num_special_letters_userpass'] = 1;
114
115	if (! $GLOBALS['phpgw']->auth->authenticate($GLOBALS['phpgw_info']['user']['account_lid'], $a_passwd))
116	{
117	$errors[] = lang('Your actual password is wrong');
118	}
119	else if ($n_passwd != $n_passwd_2)
120	{
121	$errors[] = lang('The two passwords are not the same');
122	}
123	else if (! $n_passwd)
124	{
125	$errors[] = lang('You must enter a password');
126	}
127	else if ( strlen( $n_passwd ) < $GLOBALS['phpgw_info']['server']['num_letters_userpass'] )
128	{
129	$errors[] = lang('Your password must contain %1 or more letters', $GLOBALS['phpgw_info']['server']['num_letters_userpass']);
130	}
131	# password that start with a-Z or 0-9 and contain _.-!@#$%&*+=\| will be accepted.
132	else if (!(ereg ("(^[a-zA-Z_.\-\!@#$%&+=\|])$", $n_passwd ) or
133	ereg ("(^[0-9_.\-\!@#$%&+=\|])$", $n_passwd ) or
134	ereg ("(^[a-zA-Z0-9]*)$", $n_passwd ) or
135	ereg ("(^[a-zA-Z0-9_.\-\!@#$%&+=\|])$", $n_passwd )))
136	{
137	$errors[] = lang('Your password contains characters not allowed');
138	}
139	# password must contain 2 special letters, numbers or special characters
140	//else if ($GLOBALS['phpgw_info']['server']['num_special_letters_userpass'] && ! ereg ("([0-9_.\-!@#$%&*+=\|]){".$GLOBALS['phpgw_info']['server']['num_special_letters_userpass'].",}", $n_passwd ) )
141	//{
142	// $errors[] = lang('Your password must contain at least %1 numbers or characters special', $GLOBALS['phpgw_info']['server']['num_special_letters_userpass']);
143	//}
144	for ($j=0 ; $j<(strlen($n_passwd)-2); $j++)
145	{
146	if ($n_passwd[$j]==$n_passwd[$j+1] && $n_passwd[$j]==$n_passwd[$j+2])
147	{
148	$errors[] = lang('New password with more than three consecutives equals caracteres');
149	break;
150	}
151	}
152	$passcomplex=0;
153	if (ereg('[a-zA-Z]',$n_passwd)) {$passcomplex=$passcomplex+1;}
154	if (ereg('[0-9]',$n_passwd)) {$passcomplex=$passcomplex+1;}
155	if (ereg('[^0-9a-zA-Z]',$n_passwd)) {$passcomplex=$passcomplex+1;}
156	if ($passcomplex < 2)
157	{
158	$errors[] = lang('Your password is very simple, use numbers, uppercase, lowercase and special characters');
159	}
160
161	$similar=false;
162	for ($j=0 ; $j<8; $j++)
163	{
164	for ($k=0 ; $k<8; $k++)
165	{
166	if (similar_text(substr($a_passwd,$j,3),substr($n_passwd,$k,3))>2)
167	{
168	$similar=true;
169	}
170	}
171	}
172
173	// a nova senha e a senha atual nao podem ser "similares" ...
174	if ($similar)
175	{
176	$errors[] = lang('New Password and Current Password are similar');
177	}
178
179	if(is_array($errors))
180	{
181	$GLOBALS['phpgw']->common->phpgw_header();
182	echo parse_navbar();
183	$GLOBALS['phpgw']->template->set_var('messages',$GLOBALS['phpgw']->common->error_list($errors));
184	$GLOBALS['phpgw']->template->pfp('out','form');
185	$GLOBALS['phpgw']->common->phpgw_exit(True);
186	}
187
188	$o_passwd = $GLOBALS['phpgw_info']['user']['passwd'];
189	//$passwd_changed = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd);
190
191	$passwd_changed = $GLOBALS['phpgw']->auth->change_password_user($a_passwd, $n_passwd, $GLOBALS['phpgw_info']['user']['account_dn'],true);
192	if(!$passwd_changed)
193	{
194	$errors[] = lang('Failed to change password. Please contact your administrator.');
195	$GLOBALS['phpgw']->common->phpgw_header();
196	echo parse_navbar();
197	$GLOBALS['phpgw']->template->set_var('messages',$GLOBALS['phpgw']->common->error_list($errors));
198	$GLOBALS['phpgw']->template->pfp('out','form');
199	$GLOBALS['phpgw']->common->phpgw_exit(True);
200	}
201	else
202	{
203	//$GLOBALS['phpgw_info']['user']['passwd'] = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd);
204	$GLOBALS['phpgw_info']['user']['passwd'] = $GLOBALS['phpgw']->auth->change_password_user($o_passwd, $n_passwd, $GLOBALS['phpgw_info']['user']['account_dn'],true);
205	$GLOBALS['hook_values']['account_id'] = $GLOBALS['phpgw_info']['user']['account_id'];
206	$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
207	$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
208	$GLOBALS['phpgw']->hooks->process('changepassword');
209
210	if($GLOBALS['phpgw_info']['server']['certificado'])
211	{
212	if(!$GLOBALS['phpgw_info']['server']['atributousuarios'] or $GLOBALS['phpgw_info']['server']['atributousuarios'] == "person")
213	{
214	$RR = grava_senha_criptografada_com_certificado_no_ldap($GLOBALS['phpgw_info']['user']['account_id'],$n_passwd);
215	}
216	}
217
218	//Se a implementacao da politica de senhas for no Expresso, reescreve o atributo de expiracao
219	if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
220	{
221	$common = CreateObject('phpgwapi.common');
222	$ldap_conn = $common->ldapConnect();
223	if ($GLOBALS['phpgw_info']['server']['validadesenha'])
224	{
225	$aux=$GLOBALS['phpgw_info']['server']['validadesenha'];
226	}
227	else
228	{
229	$aux=90;
230	}
231	$now=time();
232	if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
233	{
234	####Procurando a forma do tempo para expiracao
235	$ldap_conn2 = $common->ldapConnect();
236	$justthese2 = array($GLOBALS['phpgw_info']['server']['atributoexpiracao']);
237	$filter2="(&(phpgwAccountType=u)(uid=".$_SESSION['phpgw_info']['expressomail']['user']['account_lid']."))";
238	$ldap_search2 = ldap_search($ldap_conn2, $GLOBALS['phpgw_info']['server']['ldap_context'],$filter2, $justthese2);
239	$ldap_info2 = ldap_get_entries($ldap_conn2, $ldap_search2);
240	if(substr($ldap_info2[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0],-1,1)=="Z")
241	{
242	###quando a data de expiracao estah no formato yyyymmddhhmmssZ
243	$entry[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = strftime("%Y%m%d%H%M%SZ", $now + ($aux * 86400));
244	}
245	else
246	{
247	###Outro atributo ldap que, assim como o phpgwaccounttype, tambem contem hora em formato unix
248	$entry[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = $now + ($aux * 86400);
249	}
250	}
251	else
252	{
253	$entry['phpgwaccountexpires'] = $now + ($aux * 86400);
254	}
255	//$entry[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = $now + ($aux * 86400);
256	//$entry['phpgwaccountexpires'] = $now + ($aux * 86400);
257	ldap_modify($ldap_conn,$GLOBALS['phpgw_info']['user']['account_dn'], $entry);
258	}
259	if ($GLOBALS['phpgw_info']['server']['use_https'] == 1)
260	Header('Location: http://' . $_SERVER['HTTP_HOST'] . $GLOBALS['phpgw_info']['server']['webserver_url'] . '/preferences/index.php');
261	else
262	$GLOBALS['phpgw']->redirect_link('/preferences/index.php','cd=18');
263	}
264	}
265	else
266	{
267	$GLOBALS['phpgw_info']['flags']['app_header'] = lang('Change your password');
268	$GLOBALS['phpgw']->common->phpgw_header();
269	echo parse_navbar();
270
271	$GLOBALS['phpgw']->template->pfp('out','form');
272	$GLOBALS['phpgw']->common->phpgw_footer();
273	}
274	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: