mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-24 23:58:54 +01:00
Do not pass the password to setLastPwdChange in admin actions, as passing a password indicates that the functionality is being used in user mode; pass the parameters to egw_cache::getSession in the correct order
parent
86ced579db
commit
0b1e444325
@ -132,8 +132,8 @@ class admin_passwordreset
|
|||||||
// force password change on next login
|
// force password change on next login
|
||||||
if ((string)$content['mustchangepassword'] !== '' && !(!$content['mustchangepassword'] && $change_pw))
|
if ((string)$content['mustchangepassword'] !== '' && !(!$content['mustchangepassword'] && $change_pw))
|
||||||
{
|
{
|
||||||
$GLOBALS['egw']->auth->setLastPwdChange($account_id, $password,
|
// dont use password here, as the use of passwords indicates the usage of the functionality in usermode
|
||||||
$content['mustchangepassword'] ? 0 : time());
|
$GLOBALS['egw']->auth->setLastPwdChange($account_id, null, $content['mustchangepassword'] ? 0 : time());
|
||||||
}
|
}
|
||||||
// allow or forbid to change password, if requested
|
// allow or forbid to change password, if requested
|
||||||
if ((string)$content['changepassword'] !== '')
|
if ((string)$content['changepassword'] !== '')
|
||||||
|
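Review bot: The result of `setLastPwdChange()` is discarded at the changed call, so if the backend fails to record the forced change, the admin action presumably still reports success. Assuming the method returns a success flag (its body is not fully visible on this page), check it and surface the failure to the admin. The new comment could also state the contract directly, e.g. `// pass null: a non-empty password makes the backend bind as the user (user mode)`. The enclosing method starts and ends outside the hunk.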
@ -70,7 +70,7 @@ class auth
|
|||||||
// dont check anything for anonymous sessions/ users that are flagged as anonymous
|
// dont check anything for anonymous sessions/ users that are flagged as anonymous
|
||||||
if (is_object($GLOBALS['egw']->session) && $GLOBALS['egw']->session->session_flags == 'A') return true;
|
if (is_object($GLOBALS['egw']->session) && $GLOBALS['egw']->session->session_flags == 'A') return true;
|
||||||
static $UserKnowsAboutPwdChange;
|
static $UserKnowsAboutPwdChange;
|
||||||
if (is_null($UserKnowsAboutPwdChange)) $UserKnowsAboutPwdChange =& egw_cache::getSession('auth_UserKnowsAboutPwdChange','phpgwapi');
|
if (is_null($UserKnowsAboutPwdChange)) $UserKnowsAboutPwdChange =& egw_cache::getSession('phpgwapi','auth_UserKnowsAboutPwdChange');
|
||||||
// some statics to make information and timecalculation a) more readable in conditions b) persistent per request
|
// some statics to make information and timecalculation a) more readable in conditions b) persistent per request
|
||||||
static $alpwchange_val;
|
static $alpwchange_val;
|
||||||
static $passwordAgeBorder;
|
static $passwordAgeBorder;
|
||||||
|
@ -210,8 +210,11 @@ class auth_ldap implements auth_backend
|
|||||||
*/
|
*/
|
||||||
function setLastPwdChange($account_id=0, $passwd=NULL, $lastpwdchange=NULL)
|
function setLastPwdChange($account_id=0, $passwd=NULL, $lastpwdchange=NULL)
|
||||||
{
|
{
|
||||||
if (!$account_id)
|
$admin = True;
|
||||||
|
// Don't allow password changes for other accounts when using XML-RPC
|
||||||
|
if(!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login')
|
||||||
{
|
{
|
||||||
|
$admin = False;
|
||||||
$username = $GLOBALS['egw_info']['user']['account_lid'];
|
$username = $GLOBALS['egw_info']['user']['account_lid'];
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -232,7 +235,7 @@ class auth_ldap implements auth_backend
|
|||||||
|
|
||||||
$dn = $allValues[0]['dn'];
|
$dn = $allValues[0]['dn'];
|
||||||
|
|
||||||
if($passwd) // if old password given (not called by admin) --> bind as that user to change the pw
|
if(!$admin && $passwd) // if old password given (not called by admin) --> bind as that user to change the pw
|
||||||
{
|
{
|
||||||
$ds = common::ldapConnect('',$dn,$passwd);
|
$ds = common::ldapConnect('',$dn,$passwd);
|
||||||
}
|
}
|
||||||
|
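Review bot: `$admin` is set from the mere presence of a non-empty `$account_id` (with `currentapp` not being `login`), not from any privilege check, and the second hunk then uses it in `if(!$admin && $passwd)` to skip the bind as the user, so a call that supplies both an account id and the old password no longer has that password verified against the directory. If any user-mode caller passes the user's own `$account_id`, the change presumably proceeds over the connection prepared for the admin case, which is set up outside these hunks. Consider treating the call as administrative only when the target differs from the logged-in account and the caller is known to hold admin rights, and keep the user bind whenever `$passwd` is given for the caller's own account. The added comment mentions XML-RPC while the condition tests `currentapp == 'login'`; it should describe what is actually checked, e.g. `// at login or without an account id: always act on the logged-in user, never as admin`. The body of setLastPwdChange continues outside both hunks.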