Ralf Becker
058ef3e89f
* Login/Password: handle forced password change on login page
...
r53022: visualize not existing ability to unset "must change password on next login", by making it readonly
r53024: change "password about to expire in N days" warning into an once per login info-message (was a redirect to password change)
2015-07-01 17:54:18 +00:00
Ralf Becker
5eea435035
fixed auth_sql to allow updating passwords of in-active accounts and return true for all successfull password changes as documented (returned false if password was unchanged and hash password on success)
2013-06-26 09:49:30 +00:00
Ralf Becker
ef1756438e
* Preferences/EMail: if user changed password, update password in session correct, so eg. EMail using that password keeps working
2013-02-21 09:43:38 +00:00
Klaus Leithoff
ac22466ba0
set the session cache for auth_alpwchange_val in methods for changepassword too
2011-09-23 09:56:12 +00:00
Klaus Leithoff
6bff18eadd
set the session cache only when not in admin mode
2011-09-23 09:41:03 +00:00
Klaus Leithoff
b860d7fb50
set the session cache for auth_alpwchange_val on setLastPwdChange
2011-09-23 09:29:59 +00:00
Ralf Becker
fae1d29e68
- implemented more secure password hashing types: sha512_crypt, sha256_crypt and blowfish_crypt (later was only just broken)
...
- DB schema update for account_pwd to varchar(128) to accomodate sha512_crypt hashes
- enable automatic migration to sha512_crypt, if on SQL or LDAP (but only on Linux, as OpenLDAP has not native support for it)
2011-06-05 23:22:51 +00:00
Klaus Leithoff
9ec96b10e4
fix typo, as the account_lastpwd_change was not altered anymore on password change
2011-05-11 09:39:02 +00:00
Ralf Becker
bd64d536bc
fixed not working password (hash) migration
2011-05-04 13:33:34 +00:00
Klaus Leithoff
4f0e104e27
more to the issue: fix to regard the password-last-changed information from the auth system - if provided, and thus be able to react on forced password changes triggered by auth system
2011-03-16 12:44:42 +00:00
Klaus Leithoff
a080404dab
fix to regard the password-last-changed information from the auth system - if provided, and thus be able to react on forced password changes triggered from auth system. set password-last-changed info in authsystem on password change. when trying to force the user to change his password upon next login as admin from within egrouware, try to set the 0 value within the authsystem as well (in ldap rights are required for admin (or user) to set/alter the shadowlastchange attribute)
2011-03-16 11:00:16 +00:00
Ralf Becker
61d26df913
reworked auth classes, to allow them to use each other and a new auth class using a primary backend (ldap) and a fallback (sql)
2010-01-28 04:22:37 +00:00
Ralf Becker
232252475f
patch fixing many depricated functions (eg. posix regular expressions) and features, which fill up the error_log under php5.3 (and will no longer be available under php6).
...
Patch is mostly created by script in egroupware/doc/fix_depricated.php in separate commit.
I do NOT advice to apply this patch to a production system (it's commited to trunk!), as the automatic modified regular expressions have a good change to break something ...
2009-06-08 16:21:14 +00:00
Ralf Becker
bdf7f84a23
fix for bug #1261 : PostgreSQL: eGW ignores setting to dont care about case sensitive usernames
2008-06-07 08:25:28 +00:00
Ralf Becker
4f94d5837d
use of global db object and new headers, made all methods of the auth class static
2008-03-15 17:27:36 +00:00
Cornelius Weiß
f043f76be2
fix typo
2005-11-22 22:32:21 +00:00
Ralf Becker
c85d34c0fe
changed the following table-names:
...
- phpgw_accounts --> egw_accounts
- phpgw_acl --> egw_acl
- phpgw_log(_msg) --> egw_log(_msg)
- phpgw_config --> egw_config
- phpgw_applications --> egw_applications
This requires code-changes in many apps. Quite often I was able to replace the db access, with calls to the appropreate classes.
2005-11-02 11:45:52 +00:00
Miles Lott
137e472433
Use correct quoting when querying/setting account_id; minor formatting
2005-08-27 12:19:35 +00:00
Cornelius Weiß
632a990cfb
added support for authentication via cookie. NOTE: you have to enable this in setup if u want to use it.
2005-05-11 18:25:17 +00:00
Cornelius Weiß
bd9f34dbd3
bugfix in password migration
2005-05-10 21:14:20 +00:00
Cornelius Weiß
79c9507039
- massive code cleanup
...
- added md5_hmac auth type
- added support for password migration
2005-05-10 19:00:55 +00:00
reinerj
48f840d7de
move from old projct to new one
2004-05-05 12:06:13 +00:00
Miles Lott
04067c7a04
Add SMD5 hashing for sql and ldap based on my debian experience today
2004-01-26 03:01:54 +00:00
Miles Lott
934067f137
Fix the function call some more
2004-01-21 23:13:02 +00:00
Miles Lott
56085e8acf
Fix bad function call for md5 passwords
2004-01-21 23:10:05 +00:00
Miles Lott
9be5a8982d
Consolidate password updates and remove debug output, i think
2004-01-21 22:53:02 +00:00
Miles Lott
77fd8f4882
Move password functions to auth class; Add support for new encryption types in setup
...
and implement password checking and creation for these new types
2004-01-18 21:12:53 +00:00
Lars Kneschke
05b73a96b0
enable check for casesensitive usernames
2004-01-16 07:44:38 +00:00
Ralf Becker
b8557e49d9
make the phpgw Version-0_9_16-branch HEAD
2003-08-28 14:31:11 +00:00
jengo
1dc787e40d
Started working on allowing md5 passwords to be sent from login.php
2001-10-02 05:38:35 +00:00
Miles Lott
cb560611b1
using GLOBALS
2001-08-30 19:43:06 +00:00
jengo
37bd9763fa
Added feature to drop the previous login into appsessions, this way developer can find out how long its been since they last logged in.
...
- Formating in sqlssl
- Fixed change_password() in sqlssl not being correct and based on older versions
2001-06-03 17:58:12 +00:00
jengo
a7c66aa628
Fixed appsessions not being updated durring a password change
2001-04-17 17:49:13 +00:00
Miles Lott
e2afce4073
Fix account_id use in update_lastlogin to use get_account_id; formatting
2001-03-26 21:36:32 +00:00
skeeter
b9da94fd2e
New function get_account_id(). This will take either an account_id # as either an integer or a string and return a true intval(account_id) or take a string of a users lid and return the account_id as an integer
2001-03-19 20:25:04 +00:00
Lars Kneschke
9ebb3bfaae
make password changing working from user admin pages
2001-02-12 21:13:09 +00:00
skeeter
53f4716584
replaced quotes with single ticks where applicable
2001-02-11 20:03:35 +00:00
jengo
df7ef82a06
Fixed last login information not being updated
2001-02-07 13:19:09 +00:00
jengo
f6adca46c7
Changed the accounts class to use the new smaller version of the phpgw_accounts table
2001-02-05 14:58:03 +00:00
seek3r
4e3e6c77cb
fixed banners so that they are all uniform and complete
2001-01-16 13:52:32 +00:00
seek3r
fba1a92446
Put in new license details
2001-01-13 10:18:50 +00:00
seek3r
e97ef24062
switching to the new Object factory method
2001-01-11 09:52:33 +00:00