egroupware_official/preferences/inc/class.uipassword.inc.php

<?php
/**
 * EGroupware preferences
 *
 * @package preferences
 * @link http://www.egroupware.org
 * @author Joseph Engo <jengo@phpgroupware.org>
 * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
 * @version $Id$
 */

class uipassword
{
	var $public_functions = array(
		'change' => True
	);

	function uipassword()
	{
		$this->bo =& CreateObject('preferences.bopassword');

	}

	function change()
	{
		//_debug_array($GLOBALS['egw_info']['user']);
		$n_passwd   = $_POST['n_passwd'];
		$n_passwd_2 = $_POST['n_passwd_2'];
		$o_passwd_2 = $_POST['o_passwd_2'];
		if (isset($_GET['message'])) $_GET['message'] = str_replace("<br />"," ",html::purify($_GET['message']));
		if($GLOBALS['egw']->acl->check('nopasswordchange', 1) || $_POST['cancel'])
		{
			if ($GLOBALS['egw_info']['user']['apps']['preferences'])
			{
				egw::redirect_link('/preferences/index.php');
			}
			else
			{
				egw::redirect_link('/index.php');	// redirect to start page
			}
		}

		$GLOBALS['egw']->template->set_file(array(
			'form' => 'changepassword.tpl'
		));
		$GLOBALS['egw']->template->set_var('lang_enter_password',lang('Enter your new password'));
		$GLOBALS['egw']->template->set_var('lang_reenter_password',lang('Re-enter your password'));
		$GLOBALS['egw']->template->set_var('lang_enter_old_password',lang('Enter your old password'));
		$GLOBALS['egw']->template->set_var('lang_change',lang('Change'));
		$GLOBALS['egw']->template->set_var('lang_cancel',lang('Cancel'));
		$GLOBALS['egw']->template->set_var('form_action',
			$GLOBALS['egw_info']['user']['apps']['preferences'] ?
				egw::link('/index.php','menuaction=preferences.uipassword.change') :
				egw::link('/preferences/password.php'));

		if($GLOBALS['egw_info']['server']['auth_type'] != 'ldap')
		{
			$smtpClassName = 'defaultsmtp';
			if (($default_profile_id = emailadmin_bo::getDefaultProfileID()))
			{
				$bofelamimail = felamimail_bo::forceEAProfileLoad($default_profile_id);
				//fetch the smtpClass
				//_debug_array($bofelamimail->ogServer);
				$smtpClassName = get_class($bofelamimail->ogServer);
			}
			$GLOBALS['egw']->template->set_var('sql_message',($smtpClassName!='emailadmin_smtp_sql'?lang('note: This feature does *not* change your email password. This will '
				. 'need to be done manually.'):''));
		}

		if($_POST['change'])
		{
			$o_passwd = $GLOBALS['egw_info']['user']['passwd'];

			if($o_passwd != $o_passwd_2)
			{
				$errors[] = lang('The old password is not correct');
			}

			if($n_passwd != $n_passwd_2)
			{
				$errors[] = lang('The two passwords are not the same');
			}

			if($o_passwd == $n_passwd)
			{
				$errors[] = lang('Old password and new password are the same. This is invalid. You must enter a new password');
			}

			if(!$n_passwd)
			{
				$errors[] = lang('You must enter a password');
			}
			$strength = ($GLOBALS['egw_info']['server']['force_pwd_strength']?$GLOBALS['egw_info']['server']['force_pwd_strength']:false);
			//error_log(__METHOD__.__LINE__.' Strength:'.$strength);

			if ($strength && $strength>5) $strength =5;
			if ($strength && $strength<0) $strength = false;
			if($GLOBALS['egw_info']['server']['check_save_passwd'] && $strength==false) $strength=5;//old behavior
			//error_log(__METHOD__.__LINE__.' Strength:'.$strength);
			if(($GLOBALS['egw_info']['server']['check_save_passwd'] || $strength) && $error_msg = $GLOBALS['egw']->auth->crackcheck($n_passwd,$strength))
			{
				$errors[] = $error_msg;
			}

			if(is_array($errors))
			{
				common::egw_header();
				echo parse_navbar();
				$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));
				$GLOBALS['egw']->template->pfp('out','form');
				common::egw_exit(True);
			}

			$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
			if(!$passwd_changed)
			{
				$errors[] = lang('Failed to change password.  Please contact your administrator.');
				common::egw_header();
				echo parse_navbar();
				$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));
				$GLOBALS['egw']->template->pfp('out','form');
				common::egw_exit(True);
			}
			else
			{
				$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd));
				$GLOBALS['egw_info']['user']['passwd'] = $n_passwd;
				$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
				accounts::cache_invalidate($GLOBALS['egw_info']['user']['account_id']);
				egw::invalidate_session_cache();
				//_debug_array( $GLOBALS['egw_info']['user']);
				$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
				$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
				$GLOBALS['hook_values']['new_passwd'] = $n_passwd;

				// called for every app now, not only for the ones enabled for the user
				$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
					'location' => 'changepassword',
				),False,True);
				if ($GLOBALS['egw_info']['user']['apps']['preferences'])
				{
					egw::redirect_link('/preferences/index.php','cd=18');
				}
				$_GET['message'] = lang('Password changed');
			}
		}
		$GLOBALS['egw_info']['flags']['app_header'] = lang('Change your password');
		common::egw_header();
		echo parse_navbar();

		$GLOBALS['egw']->template->set_var('messages','<span class="redItalic">'.htmlspecialchars($_GET['message']).'</span>');
		$GLOBALS['egw']->template->pfp('out','form');
		common::egw_footer();
	}
}
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`<?php`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`/**`
			`* EGroupware preferences`
			`*`
			`* @package preferences`
			`* @link http://www.egroupware.org`
			`* @author Joseph Engo <jengo@phpgroupware.org>`
			`* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License`
			`* @version $Id$`
			`*/`

			`class uipassword`
			`{`
			`var $public_functions = array(`
			`'change' => True`
			`);`

			`function uipassword()`
			`{`
			`$this->bo =& CreateObject('preferences.bopassword');`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`}`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`function change()`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`{`
Feature: to allow admins a) to set an allowed password age, to require all users to change their password regularily; b) force password change for a given user on the users next login; c) better control about the password strength required; Funded by Cricket 2010-09-22 11:48:27 +02:00			`//_debug_array($GLOBALS['egw_info']['user']);`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$n_passwd = $_POST['n_passwd'];`
			`$n_passwd_2 = $_POST['n_passwd_2'];`
			`$o_passwd_2 = $_POST['o_passwd_2'];`
* API/Auth: when required by setup check password strength upon login; strength must be specified, and user must be allowed to change password 2013-04-04 13:12:27 +02:00			`if (isset($_GET['message'])) $_GET['message'] = str_replace("<br />"," ",html::purify($_GET['message']));`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`if($GLOBALS['egw']->acl->check('nopasswordchange', 1) \|\| $_POST['cancel'])`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`{`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`if ($GLOBALS['egw_info']['user']['apps']['preferences'])`
			`{`
			`egw::redirect_link('/preferences/index.php');`
			`}`
			`else`
			`{`
			`egw::redirect_link('/index.php'); // redirect to start page`
			`}`
			`}`
fix bug after name change of the change-password classed. 2005-08-16 15:22:54 +02:00
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$GLOBALS['egw']->template->set_file(array(`
			`'form' => 'changepassword.tpl'`
			`));`
			`$GLOBALS['egw']->template->set_var('lang_enter_password',lang('Enter your new password'));`
			`$GLOBALS['egw']->template->set_var('lang_reenter_password',lang('Re-enter your password'));`
			`$GLOBALS['egw']->template->set_var('lang_enter_old_password',lang('Enter your old password'));`
			`$GLOBALS['egw']->template->set_var('lang_change',lang('Change'));`
			`$GLOBALS['egw']->template->set_var('lang_cancel',lang('Cancel'));`
			`$GLOBALS['egw']->template->set_var('form_action',`
			`$GLOBALS['egw_info']['user']['apps']['preferences'] ?`
			`egw::link('/index.php','menuaction=preferences.uipassword.change') :`
			`egw::link('/preferences/password.php'));`

			`if($GLOBALS['egw_info']['server']['auth_type'] != 'ldap')`
			`{`
* Password: when using accounts stored in sql, and smtp is of emailadmin_smtp_sql (server must support this, and must be implemented that way) we do change passwords for mailaccounts as well, even the account is stored in sql, as the egroupware database is auth base for the mailserver 2012-12-13 17:52:29 +01:00			`$smtpClassName = 'defaultsmtp';`
			`if (($default_profile_id = emailadmin_bo::getDefaultProfileID()))`
			`{`
			`$bofelamimail = felamimail_bo::forceEAProfileLoad($default_profile_id);`
			`//fetch the smtpClass`
			`//_debug_array($bofelamimail->ogServer);`
			`$smtpClassName = get_class($bofelamimail->ogServer);`
			`}`
			`$GLOBALS['egw']->template->set_var('sql_message',($smtpClassName!='emailadmin_smtp_sql'?lang('note: This feature does not change your email password. This will '`
			`. 'need to be done manually.'):''));`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`}`

allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`if($_POST['change'])`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`{`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$o_passwd = $GLOBALS['egw_info']['user']['passwd'];`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`if($o_passwd != $o_passwd_2)`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`{`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$errors[] = lang('The old password is not correct');`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`}`

allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`if($n_passwd != $n_passwd_2)`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`{`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$errors[] = lang('The two passwords are not the same');`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`}`

Feature: to allow admins a) to set an allowed password age, to require all users to change their password regularily; b) force password change for a given user on the users next login; c) better control about the password strength required; Funded by Cricket 2010-09-22 11:48:27 +02:00			`if($o_passwd == $n_passwd)`
			`{`
			`$errors[] = lang('Old password and new password are the same. This is invalid. You must enter a new password');`
			`}`

allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`if(!$n_passwd)`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`{`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$errors[] = lang('You must enter a password');`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`}`
Feature: to allow admins a) to set an allowed password age, to require all users to change their password regularily; b) force password change for a given user on the users next login; c) better control about the password strength required; Funded by Cricket 2010-09-22 11:48:27 +02:00			`$strength = ($GLOBALS['egw_info']['server']['force_pwd_strength']?$GLOBALS['egw_info']['server']['force_pwd_strength']:false);`
			`//error_log(__METHOD__.__LINE__.' Strength:'.$strength);`

			`if ($strength && $strength>5) $strength =5;`
* Password: when using accounts stored in sql, and smtp is of emailadmin_smtp_sql (server must support this, and must be implemented that way) we do change passwords for mailaccounts as well, even the account is stored in sql, as the egroupware database is auth base for the mailserver 2012-12-13 17:52:29 +01:00			`if ($strength && $strength<0) $strength = false;`
Feature: to allow admins a) to set an allowed password age, to require all users to change their password regularily; b) force password change for a given user on the users next login; c) better control about the password strength required; Funded by Cricket 2010-09-22 11:48:27 +02:00			`if($GLOBALS['egw_info']['server']['check_save_passwd'] && $strength==false) $strength=5;//old behavior`
			`//error_log(__METHOD__.__LINE__.' Strength:'.$strength);`
			`if(($GLOBALS['egw_info']['server']['check_save_passwd'] \|\| $strength) && $error_msg = $GLOBALS['egw']->auth->crackcheck($n_passwd,$strength))`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`{`
			`$errors[] = $error_msg;`
			`}`

			`if(is_array($errors))`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`{`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`common::egw_header();`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`echo parse_navbar();`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));`
			`$GLOBALS['egw']->template->pfp('out','form');`
			`common::egw_exit(True);`
			`}`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);`
			`if(!$passwd_changed)`
			`{`
			`$errors[] = lang('Failed to change password. Please contact your administrator.');`
			`common::egw_header();`
			`echo parse_navbar();`
			`$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`$GLOBALS['egw']->template->pfp('out','form');`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`common::egw_exit(True);`
			`}`
			`else`
			`{`
			`$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd));`
			`$GLOBALS['egw_info']['user']['passwd'] = $n_passwd;`
Feature: to allow admins a) to set an allowed password age, to require all users to change their password regularily; b) force password change for a given user on the users next login; c) better control about the password strength required; Funded by Cricket 2010-09-22 11:48:27 +02:00			`$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');`
			`accounts::cache_invalidate($GLOBALS['egw_info']['user']['account_id']);`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`egw::invalidate_session_cache();`
Feature: to allow admins a) to set an allowed password age, to require all users to change their password regularily; b) force password change for a given user on the users next login; c) better control about the password strength required; Funded by Cricket 2010-09-22 11:48:27 +02:00			`//_debug_array( $GLOBALS['egw_info']['user']);`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];`
			`$GLOBALS['hook_values']['old_passwd'] = $o_passwd;`
			`$GLOBALS['hook_values']['new_passwd'] = $n_passwd;`

			`// called for every app now, not only for the ones enabled for the user`
			`$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(`
			`'location' => 'changepassword',`
			`),False,True);`
			`if ($GLOBALS['egw_info']['user']['apps']['preferences'])`
			`{`
			`egw::redirect_link('/preferences/index.php','cd=18');`
			`}`
			`$_GET['message'] = lang('Password changed');`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`}`
			`}`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`$GLOBALS['egw_info']['flags']['app_header'] = lang('Change your password');`
			`common::egw_header();`
			`echo parse_navbar();`

			`$GLOBALS['egw']->template->set_var('messages','<span class="redItalic">'.htmlspecialchars($_GET['message']).'</span>');`
			`$GLOBALS['egw']->template->pfp('out','form');`
			`common::egw_footer();`
Update of preferences app to work as a multi-tiered application and via xml-rpc 2005-07-23 11:44:46 +02:00			`}`
allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 16:29:20 +02:00			`}`