mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-22 07:53:39 +01:00
* Admin/Preferences: changepassword hook was called twice
fixed by calling in now from API and not on every location in application code changing a password
This commit is contained in:
Ralf Becker
parent
dd2465b317
commit
e94502515d
@ -7,13 +7,13 @@
|
||||
* @package admin
|
||||
* @copyright (c) 2007 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
||||
* @version $Id$
|
||||
* @version $Id$
|
||||
*/
|
||||
|
||||
/**
|
||||
* admin command: change the password of a given user
|
||||
*/
|
||||
class admin_cmd_change_pw extends admin_cmd
|
||||
class admin_cmd_change_pw extends admin_cmd
|
||||
{
|
||||
/**
|
||||
* Constructor
|
||||
@ -35,7 +35,7 @@ class admin_cmd_change_pw extends admin_cmd
|
||||
|
||||
/**
|
||||
* change the password of a given user
|
||||
*
|
||||
*
|
||||
* @param boolean $check_only=false only run the checks (and throw the exceptions), but not the command itself
|
||||
* @return string success message
|
||||
* @throws egw_exception_no_admin
|
||||
@ -47,29 +47,16 @@ class admin_cmd_change_pw extends admin_cmd
|
||||
$account_id = admin_cmd::parse_account($this->account,true); // true = user, no group
|
||||
// check creator is still admin and not explicitly forbidden to edit accounts
|
||||
if ($this->creator) $this->_check_admin('account_access',16);
|
||||
|
||||
|
||||
if ($check_only) return true;
|
||||
|
||||
|
||||
$auth = new auth;
|
||||
|
||||
|
||||
if (!$auth->change_password(null, $this->password, $account_id))
|
||||
{
|
||||
// as long as the auth class is not throwing itself ...
|
||||
throw new Exception(lang('Error changing the password for % !!!',$this->account),99);
|
||||
}
|
||||
$GLOBALS['hook_values']['account_id'] = $account_id;
|
||||
$GLOBALS['hook_values']['account_lid'] = $this->account;
|
||||
if (is_numeric($this->account))
|
||||
{
|
||||
admin_cmd::_instanciate_accounts();
|
||||
$GLOBALS['hook_values']['account_lid'] = admin_cmd::$accounts->id2name($this->account);
|
||||
}
|
||||
$GLOBALS['hook_values']['old_passwd'] = null;
|
||||
$GLOBALS['hook_values']['new_passwd'] = $this->password;
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword'
|
||||
),False,True); // called for every app now, not only enabled ones)
|
||||
|
||||
return lang('Password updated');
|
||||
}
|
||||
|
||||
|
||||
@ -398,14 +398,6 @@
|
||||
$auth = new auth();
|
||||
if ($auth->change_password('', $passwd, $_userData['account_id']))
|
||||
{
|
||||
$GLOBALS['hook_values']['account_id'] = $_userData['account_id'];
|
||||
$GLOBALS['hook_values']['old_passwd'] = '';
|
||||
$GLOBALS['hook_values']['new_passwd'] = $passwd;
|
||||
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword'
|
||||
),False,True); // called for every app now, not only enabled ones)
|
||||
|
||||
if ($_userData['account_lastpwd_change']==0 || // AD requires to activate account AFTER setting pw
|
||||
$new_account && $_userData['account_status'] == 'A' && $GLOBALS['egw']->accounts->require_password_for_enable())
|
||||
{
|
||||
|
||||
@ -230,13 +230,28 @@ class auth
|
||||
{
|
||||
throw new egw_exception_wrong_userinput($err);
|
||||
}
|
||||
if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)) &&
|
||||
($account_id == $GLOBALS['egw_info']['user']['account_id']))
|
||||
if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)))
|
||||
{
|
||||
// need to change current users password in session
|
||||
egw_cache::setSession('phpgwapi', 'password', base64_encode($new_passwd));
|
||||
// invalidate EGroupware session, as password is stored in egw_info in session
|
||||
egw::invalidate_session_cache();
|
||||
if ($account_id == $GLOBALS['egw_info']['user']['account_id'])
|
||||
{
|
||||
// need to change current users password in session
|
||||
egw_cache::setSession('phpgwapi', 'password', base64_encode($new_passwd));
|
||||
$GLOBALS['egw_info']['user']['passwd'] = $new_passwd;
|
||||
$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
|
||||
// invalidate EGroupware session, as password is stored in egw_info in session
|
||||
egw::invalidate_session_cache();
|
||||
}
|
||||
accounts::cache_invalidate($account_id);
|
||||
// run changepwasswd hook
|
||||
$GLOBALS['hook_values'] = array(
|
||||
'account_id' => $account_id,
|
||||
'account_lid' => accounts::id2name($account_id),
|
||||
'old_passwd' => $old_passwd,
|
||||
'new_passwd' => $new_passwd,
|
||||
);
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword'
|
||||
),False,True); // called for every app now, not only enabled ones)
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
@ -33,6 +33,12 @@
|
||||
{
|
||||
if (($ret = $GLOBALS['egw']->auth->change_password($old, $new, $GLOBALS['egw_info']['user']['account_id'])))
|
||||
{
|
||||
$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($new));
|
||||
$GLOBALS['egw_info']['user']['passwd'] = $new;
|
||||
$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
|
||||
accounts::cache_invalidate($GLOBALS['egw_info']['user']['account_id']);
|
||||
egw::invalidate_session_cache();
|
||||
//_debug_array( $GLOBALS['egw_info']['user']);
|
||||
$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
|
||||
$GLOBALS['hook_values']['old_passwd'] = $old;
|
||||
$GLOBALS['hook_values']['new_passwd'] = $new;
|
||||
|
||||
@ -97,7 +97,8 @@ class uipassword
|
||||
if (!$errors)
|
||||
{
|
||||
try {
|
||||
$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
|
||||
$passwd_changed = $GLOBALS['egw']->auth->change_password($o_passwd, $n_passwd,
|
||||
$GLOBALS['egw_info']['user']['account_id']);
|
||||
}
|
||||
catch (Exception $e) {
|
||||
$errors[] = $e->getMessage();
|
||||
@ -117,20 +118,6 @@ class uipassword
|
||||
}
|
||||
else
|
||||
{
|
||||
$GLOBALS['egw']->session->appsession('password','phpgwapi',base64_encode($n_passwd));
|
||||
$GLOBALS['egw_info']['user']['passwd'] = $n_passwd;
|
||||
$GLOBALS['egw_info']['user']['account_lastpwd_change'] = egw_time::to('now','ts');
|
||||
accounts::cache_invalidate($GLOBALS['egw_info']['user']['account_id']);
|
||||
egw::invalidate_session_cache();
|
||||
//_debug_array( $GLOBALS['egw_info']['user']);
|
||||
$GLOBALS['hook_values']['account_id'] = $GLOBALS['egw_info']['user']['account_id'];
|
||||
$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
|
||||
$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
|
||||
|
||||
// called for every app now, not only for the ones enabled for the user
|
||||
$GLOBALS['egw']->hooks->process($GLOBALS['hook_values']+array(
|
||||
'location' => 'changepassword',
|
||||
),False,True);
|
||||
if ($GLOBALS['egw_info']['user']['apps']['preferences'])
|
||||
{
|
||||
egw::redirect_link('/preferences/index.php','cd=18');
|
||||
|
||||
Loading…
Reference in New Issue
Block a user