mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-01-12 08:58:30 +01:00
Update changepassword to work with LDAP
This commit is contained in:
jengo
parent
83b44eb542
commit
cb30556aaf
@ -31,26 +31,6 @@
|
||||
}
|
||||
return $searchline;
|
||||
}
|
||||
|
||||
function descryptpass($userpass, $random)
|
||||
{
|
||||
$lcrypt = "{crypt}";
|
||||
$password = crypt($userpass);
|
||||
$ldappassword = sprintf("%s%s", $lcrypt, $password);
|
||||
|
||||
return $ldappassword;
|
||||
}
|
||||
|
||||
function md5cryptpass($userpass, $random)
|
||||
{
|
||||
$bsalt = "$1$";
|
||||
$lcrypt = "{crypt}";
|
||||
$modsalt = sprintf("%s%s", $bsalt, $random);
|
||||
$password = crypt($userpass, $modsalt);
|
||||
$ldappassword = sprintf("%s%s", $lcrypt, $password);
|
||||
|
||||
return $ldappassword;
|
||||
}
|
||||
|
||||
// Not the best method, but it works for now.
|
||||
function account_total()
|
||||
@ -106,12 +86,12 @@
|
||||
|
||||
if ($phpgw_info["server"]["ldap_encryption_type"] == "DES") {
|
||||
$salt = $phpgw->common->randomstring(2);
|
||||
$account_info["passwd"] = descryptpass($account_info["passwd"], $salt);
|
||||
$account_info["passwd"] = $phpgw->common->des_cryptpasswd($account_info["passwd"], $salt);
|
||||
}
|
||||
|
||||
if ($phpgw_info["server"]["ldap_encryption_type"] == "MD5") {
|
||||
$salt = $phpgw->common->randomstring(9);
|
||||
$account_info["passwd"] = md5cryptpass($account_info["passwd"], $salt);
|
||||
$account_info["passwd"] = $phpgw->common->md5_cryptpasswd($account_info["passwd"], $salt);
|
||||
}
|
||||
|
||||
// This method is only temp. We need to figure out the best way to assign uidnumbers and
|
||||
|
||||
@ -52,11 +52,13 @@ if (! $submit) {
|
||||
</table>
|
||||
</form>
|
||||
<br>
|
||||
<pre><?php echo lang("note: This feature does *not* change your email password. This will "
|
||||
. "need to be done manually."); ?>
|
||||
</pre>
|
||||
<?php
|
||||
$phpgw->common->phpgw_footer();
|
||||
<?php
|
||||
if ($phpgw_info["server"]["auth_type"] != "ldap") {
|
||||
echo "<pre>" . lang("note: This feature does *not* change your email password. This will "
|
||||
. "need to be done manually.") . "</pre>";
|
||||
}
|
||||
$phpgw->common->phpgw_footer();
|
||||
|
||||
} else {
|
||||
if ($n_passwd != $n_passwd_2)
|
||||
$error = lang("the two passwords are not the same");
|
||||
@ -70,14 +72,41 @@ if (! $submit) {
|
||||
exit;
|
||||
}
|
||||
|
||||
$phpgw->db->query("update accounts set account_pwd='" . md5($n_passwd) . "', "
|
||||
. "account_lastpwd_change='" . time() . "' where account_lid='"
|
||||
. $phpgw_info["user"]["userid"] . "'");
|
||||
if ($phpgw_info["server"]["auth_type"] == "sql") {
|
||||
$phpgw->db->query("update accounts set account_pwd='" . md5($n_passwd) . "' "
|
||||
. "where account_lid='" . $phpgw_info["user"]["userid"] . "'");
|
||||
}
|
||||
|
||||
if ($phpgw_info["server"]["auth_type"] == "ldap") {
|
||||
$ldap = ldap_connect($phpgw_info["server"]["ldap_host"]);
|
||||
|
||||
if (! @ldap_bind($ldap, $phpgw_info["server"]["ldap_root_dn"], $phpgw_info["server"]["ldap_root_pw"])) {
|
||||
echo "<p><b>Error binding to LDAP server. Check your config</b>";
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($phpgw_info["server"]["ldap_encryption_type"] == "DES") {
|
||||
$salt = $phpgw->common->randomstring(2);
|
||||
$n_passwd = $phpgw->common->des_cryptpasswd($n_passwd, $salt);
|
||||
}
|
||||
if ($phpgw_info["server"]["ldap_encryption_type"] == "MD5") {
|
||||
$salt = $phpgw->common->randomstring(9);
|
||||
$n_passwd = $phpgw->common->md5_cryptpasswd($n_passwd, $salt);
|
||||
}
|
||||
$entry["userpassword"] = $n_passwd;
|
||||
|
||||
$dn = sprintf("uid=%s, %s", $phpgw_info["user"]["userid"],$phpgw_info["server"]["ldap_context"]);
|
||||
@ldap_modify($ldap, $dn, $entry);
|
||||
}
|
||||
|
||||
// Since they are logged in, we need to change the password in sessions
|
||||
// in case they decied to check there mail.
|
||||
// in case they decied to check there mail.
|
||||
$phpgw->db->query("update sessions set session_pwd='" . $phpgw->common->encrypt($n_passwd)
|
||||
. "' where session_lid='" . $phpgw_info["user"]["userid"] . "'");
|
||||
. "' where session_lid='" . $phpgw_info["user"]["userid"] . "'");
|
||||
|
||||
// Update there last password change
|
||||
$phpgw->db->query("update accounts set account_lastpwd_change='" . time() . "' where account_id='"
|
||||
. $phpgw_info["user"]["account_id"] . "'");
|
||||
|
||||
Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"]
|
||||
. "/preferences/","cd=18"));
|
||||
|
||||
Loading…
Reference in New Issue
Block a user