< ? php
/*******************************************************************************
* Copyright ( C ) 2007 Easter - eggs
* http :// ldapsaisie . labs . libre - entreprise . org
*
* Author : See AUTHORS file in top - level directory .
*
* This program is free software ; you can redistribute it and / or
* modify it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program ; if not , write to the Free Software
* Foundation , Inc . , 59 Temple Place - Suite 330 , Boston , MA 02111 - 1307 , USA .
******************************************************************************/
// Load the LSformElement class, which the class declared below extends.
LSsession :: loadLSclass ( 'LSformElement' );
/**
* Element password d'un formulaire pour LdapSaisie
*
* Cette classe définit les éléments password des formulaires.
* Elle étend la classe basique LSformElement.
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*/
class LSformElement_password extends LSformElement {
var $fieldTemplate = 'LSformElement_password_field.tpl' ;
var $template = 'LSformElement_password.tpl' ;
var $sendMail = false ;
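/**
 * Retrieve the value of the element sent in POST
 *
 * Delegates to the parent getPostData(), then decides whether the posted
 * value is a real password change. When it is, and a mail notification is
 * requested, the notification is prepared and the send() method is
 * registered on the attribute's 'after_modify' event.
 *
 * @param[in,out] array &$return Array that receives the posted value, keyed
 *                               by the element name.
 *
 * @retval boolean true when the value is handled (including the "no change"
 *                 cases), otherwise the return value of the parent method
 */
function getPostData(&$return) {
  // Fetch the value from _POST and run the generic checks of the parent class
  $retval = parent::getPostData($return);
  if (!$retval) {
    return $retval;
  }

  $name = $this->name;
  $val = $this->form->ldapObject->attrs[$name]->getValue();
  $posted = (isset($return[$name][0]) ? $return[$name][0] : null);

  // Empty field while a password is already stored: keep the stored one.
  if (empty($posted) && !empty($val)) {
    unset($return[$name]);
    // Assignment, not comparison: the original '==' left the flag unset.
    $this->form->_notUpdate[$name] = true;
    return true;
  }

  // Posted value matches the stored password, or both are empty.
  if ($this->verifyPassword($posted) || (empty($posted) && empty($val))) {
    LSdebug(" Password : no change ");
    unset($return[$name]);
    $this->form->_notUpdate[$name] = true;
    return true;
  }

  // Do not send mail if password is not set
  if (empty($return[$name])) {
    return true;
  }

  // Only elements configured with a 'mail' option may trigger a notification:
  // the request alone must not be able to switch the feature on.
  $mailOpts = null;
  if (isset($this->params['html_options']['mail']) && is_array($this->params['html_options']['mail'])) {
    $mailOpts = $this->params['html_options']['mail'];
  }
  if (!is_array($mailOpts)) {
    return $retval;
  }

  $sendKey = 'LSformElement_password_' . $name . '_send';
  if (isset($_POST[$sendKey])) {
    if ($_POST[$sendKey] == 1) {
      $this->sendMail = true;
      LSdebug('send by form');
    }
  }
  // The original tested the key 'isset' here and then read 'send'.
  elseif (isset($mailOpts['send']) && $mailOpts['send'] == 1) {
    $this->sendMail = true;
    LSdebug('send by config');
  }

  if ($this->sendMail && LSsession::loadLSaddon('mail')) {
    $msg = (isset($mailOpts['msg']) ? $mailOpts['msg'] : null);
    $subject = (isset($mailOpts['subject']) ? $mailOpts['subject'] : null);
    // Always defined, so the array below never reads an unset variable.
    $mail = '';

    // NOTE(review): subject, message template and recipient may be overridden
    // by the client. The recipient is validated with checkEmail() in send(),
    // and the template is expanded there with getFData() against the LDAP
    // object. Confirm that only users allowed to edit this password can
    // reach this form.
    $msgKey = 'LSformElement_password_' . $name . '_msg';
    if (isset($_POST[$msgKey]) && is_string($_POST[$msgKey])) {
      $msgInfos = json_decode($_POST[$msgKey]);
      // json_decode() yields NULL on malformed input; only accept an object
      // whose fields are plain strings.
      if (is_object($msgInfos)) {
        if (!empty($msgInfos->subject) && is_string($msgInfos->subject)) {
          $subject = $msgInfos->subject;
        }
        if (!empty($msgInfos->msg) && is_string($msgInfos->msg)) {
          $msg = $msgInfos->msg;
        }
        if (!empty($msgInfos->mail) && is_string($msgInfos->mail)) {
          $mail = $msgInfos->mail;
        }
      }
    }

    // The clear-text password is kept only to be mailed by send().
    $this->sendMail = array(
      'subject' => $subject,
      'msg' => $msg,
      'mail' => $mail,
      'pwd' => $return[$name][0]
    );
    $this->attr_html->attribute->addObjectEvent('after_modify', $this, 'send');
  }

  return $retval;
}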
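/**
 * Return the display information of the element
 *
 * Registers the CSS, and when the element is not frozen the help texts, the
 * JS configuration and the JS scripts, then renders the element template.
 *
 * @retval array The label information returned by getLabelInfos(), with the
 *               rendered template stored under the 'html' key
 */
function getDisplay() {
  LSsession::addCssFile('LSformElement_password.css');
  $return = $this->getLabelInfos();

  // Read the options once, without raising notices when one is not configured.
  $opts = array();
  if (isset($this->params['html_options']) && is_array($this->params['html_options'])) {
    $opts = $this->params['html_options'];
  }
  $clearView = (isset($opts['clearView']) ? $opts['clearView'] : null);
  $clearEdit = (isset($opts['clearEdit']) ? $opts['clearEdit'] : null);

  $pwd = '';
  // With clearView/clearEdit the stored attribute value is handed to the
  // template, and so to the rendered page.
  if ($clearView or $clearEdit) {
    $pwd = (isset($this->values[0]) ? $this->values[0] : null);
  }

  if (!$this->isFreeze()) {
    // Help Infos
    LSsession::addHelpInfos(
      'LSformElement_password',
      array(
        'generate' => _('Generate a password.'),
        'verify' => _('Compare with stored password.'),
        'view' => _('Display password.'),
        'viewHash' => _('Display hashed password.'),
        'hide' => _('Hide password.'),
        'mail' => _(" The password will be sent by mail if changed. Click to disable automatic notification. "),
        'nomail' => _(" The password will not be sent if changed. Click to enable automatic notification. "),
        'editmail' => _(" Modify the mail sent to notice the user ")
      )
    );

    // Pre-fill a generated password only when the element has no value yet.
    if (!empty($opts['generationTool']) && !empty($opts['autoGenerate']) && empty($this->values)) {
      $pwd = $this->generatePassword($this->params);
    }

    $params = array(
      'generate' => !empty($opts['generationTool']),
      'clearEdit' => !empty($clearEdit),
      'viewHash' => !empty($opts['viewHash']),
      // Verification is offered for existing objects unless 'verify' is
      // explicitly set to a false value.
      'verify' => (
        !$this->attr_html->attribute->ldapObject->isNew()
        && (!isset($opts['verify']) || $opts['verify'])
      )
    );
    if (isset($opts['mail'])) {
      // NOTE(review): the whole 'mail' option array, including any 'headers'
      // and 'bcc' entries, is passed to the JS configuration. Confirm that
      // exposing them to the browser is intended.
      $params['mail'] = $opts['mail'];
      $params['mail']['mail_attr'] = $this->getMailAttrs();
    }
    LSsession::addJSconfigParam($this->name, $params);

    LSsession::addJSscript('LSformElement_password_field.js');
    LSsession::addJSscript('LSformElement_password.js');
  }

  $return['html'] = $this->fetchTemplate(
    NULL,
    array(
      'pwd' => $pwd,
      'clearView' => $clearView,
      'clearEdit' => $clearEdit
    )
  );
  return $return;
}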
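/**
 * Generate a password according to the element configuration
 *
 * When the 'use_pwgen' option is set, the pwgen binary is executed and its
 * first output line is returned. If that fails, error
 * LSformElement_password_03 is recorded and the global generatePassword()
 * function is used instead, as it is when 'use_pwgen' is not set.
 *
 * This method does not use $this; ajax_generatePassword() calls it through
 * self::.
 *
 * @param[in] array $params The attribute configuration (options are read
 *                          from its 'html_options' key)
 *
 * @retval string The generated password
 */
function generatePassword($params = NULL) {
  $opts = array();
  if (is_array($params) && isset($params['html_options']) && is_array($params['html_options'])) {
    $opts = $params['html_options'];
  }

  if (!empty($opts['use_pwgen'])) {
    $args = (isset($opts['pwgen_opts']) ? $opts['pwgen_opts'] : '');
    // The length goes on a shell command line: force it to an integer.
    $len = (isset($opts['lenght']) ? (int) $opts['lenght'] : 8);
    if ($len < 1) {
      $len = 8;
    }
    $bin = (isset($opts['pwgen_path']) ? $opts['pwgen_path'] : 'pwgen');

    // Quote the binary path as a single word. The option string keeps
    // escapeshellcmd() so that several options can still be passed.
    $cmd = escapeshellarg($bin) . ' ' . escapeshellcmd($args) . ' ' . $len . ' 1';
    $ret = array();
    $retcode = null;
    exec($cmd, $ret, $retcode);

    // Log the outcome only: the command output is the password itself.
    LSdebug("Generate password using pwgen. Cmd : '$cmd' / Return code : $retcode / Lines returned : " . count($ret));
    if ($retcode == 0 && count($ret) > 0) {
      return $ret[0];
    }
    LSerror::addErrorCode('LSformElement_password_03');
  }

  // Fallback: global generatePassword() function, defined outside this file.
  return generatePassword(
    (isset($opts['chars']) ? $opts['chars'] : null),
    (isset($opts['lenght']) ? $opts['lenght'] : null)
  );
}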
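/**
 * Check a clear-text password against the stored one
 *
 * For a login password the check is delegated to LSsession::checkUserPwd().
 * Otherwise the candidate is encoded with the LDAP encodePassword() method
 * and compared with each stored value of the attribute.
 *
 * @param[in] string $pwd The clear-text password to check
 *
 * @retval boolean false for a new object or when nothing matches; otherwise
 *                 the result of the check
 */
function verifyPassword($pwd) {
  $attribute = $this->attr_html->attribute;

  // A new object has no stored password to compare with.
  if ($attribute->ldapObject->isNew()) {
    return false;
  }

  if ($this->isLoginPassword()) {
    return LSsession::checkUserPwd($attribute->ldapObject, $pwd);
  }

  // NOTE(review): encodePassword() is defined elsewhere. If it draws a fresh
  // random salt on each call, this equality test cannot match salted stored
  // values. Confirm against the configured encoding.
  $hash = $attribute->ldap->encodePassword($pwd);

  $data = $attribute->data;
  if (!is_array($data)) {
    if (empty($data)) {
      return false;
    }
    $data = array($data);
  }

  // An empty or non-string encoding result must never count as a match.
  if (!is_string($hash) || $hash === '') {
    return false;
  }

  foreach ($data as $val) {
    // Strict comparison: loose '==' treats numeric-looking strings such as
    // "0e123" and "0e456" as equal. Where PHP >= 5.6 is guaranteed,
    // hash_equals() would also make the comparison constant-time.
    if (is_string($val) && $hash === $val) {
      return true;
    }
  }
  return false;
}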
/**
 * Return the attribute name(s) holding the e-mail address used to send the
 * new password
 *
 * The 'get_mail_attr_function' callback of the mail options takes precedence
 * over the static 'mail_attr' option.
 *
 * @retval mixed False when the mail options are missing or the callback is
 *               not callable (error LSformElement_password_04); the callback
 *               result or the 'mail_attr' option otherwise; NULL when the
 *               callback throws (error LSformElement_password_05) or when
 *               neither option is set
 */
function getMailAttrs() {
  $hasMailOpts = (
    isset($this->params['html_options']['mail'])
    && is_array($this->params['html_options']['mail'])
  );
  if (!$hasMailOpts) {
    return False;
  }
  $mailOpts = $this->params['html_options']['mail'];

  if (isset($mailOpts['get_mail_attr_function'])) {
    $callback = $mailOpts['get_mail_attr_function'];
    if (!is_callable($callback)) {
      LSerror::addErrorCode('LSformElement_password_04');
      return False;
    }
    try {
      // The callback receives this form element as its only argument.
      return call_user_func_array($callback, array(&$this));
    }
    catch (Exception $e) {
      LSerror::addErrorCode('LSformElement_password_05', $e->getMessage());
    }
    // An exception was recorded: no usable result.
    return NULL;
  }

  if (isset($mailOpts['mail_attr'])) {
    return $mailOpts['mail_attr'];
  }
  return NULL;
}
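/**
 * Send the new password by mail
 *
 * Registered by getPostData() on the attribute's 'after_modify' event. Does
 * nothing unless getPostData() prepared the notification, that is unless
 * $this->sendMail is an array.
 *
 * The recipient is the address stored in $this->sendMail['mail'] or, when
 * that is empty, the first valid address found in the attributes returned by
 * getMailAttrs().
 *
 * @param[in] mixed $params Event parameters (not used)
 *
 * @retval boolean|null true when there is nothing to send or the mail was
 *                      handed to sendMail(); null when no valid recipient
 *                      is available (errors LSformElement_password_01/02)
 */
function send($params) {
  if (!is_array($this->sendMail)) {
    return true;
  }

  $ldapObject = $this->attr_html->attribute->ldapObject;
  $mail = (string) $this->sendMail['mail'];
  LSdebug($mail);

  if ($mail == '') {
    $mail_attrs = $this->getMailAttrs();
    if (!is_array($mail_attrs)) {
      $mail_attrs = array($mail_attrs);
    }
    foreach ($mail_attrs as $attr) {
      $mail_attr = null;
      if (is_scalar($attr) && isset($ldapObject->attrs[$attr])) {
        $mail_attr = $ldapObject->attrs[$attr];
      }
      if ($mail_attr instanceof LSattribute) {
        $mail = $mail_attr->getValue();
        if (!empty($mail) && checkEmail($mail[0], NULL, true)) {
          $mail = $mail[0];
          break;
        }
        $mail = '';
      }
      else {
        // Log the attribute name. The original interpolated the failed
        // lookup result instead.
        $attrName = (is_scalar($attr) ? $attr : gettype($attr));
        LSdebug("L'attribut $attrName pour l'envoie du nouveau mot de passe n'existe pas.");
      }
    }
    if ($mail == '') {
      LSerror::addErrorCode('LSformElement_password_01');
      return;
    }
  }

  // The recipient may come from the request (see getPostData()).
  if (!checkEmail($mail, NULL, true)) {
    LSerror::addErrorCode('LSformElement_password_02', $mail);
    return;
  }

  // Make the clear-text password available to the message template.
  $ldapObject->registerOtherValue('password', $this->sendMail['pwd']);
  $msg = $ldapObject->getFData($this->sendMail['msg']);

  $mailOpts = array();
  if (isset($this->params['html_options']['mail']) && is_array($this->params['html_options']['mail'])) {
    $mailOpts = $this->params['html_options']['mail'];
  }
  $headers = (isset($mailOpts['headers']) ? $mailOpts['headers'] : array());
  if (!empty($mailOpts['bcc'])) {
    $headers['Bcc'] = $mailOpts['bcc'];
  }

  // The subject may come from the request: drop line breaks so it cannot
  // add mail headers. sendMail() is defined elsewhere and may also filter it.
  $subject = str_replace(array("\r", "\n"), ' ', (string) $this->sendMail['subject']);

  if (sendMail($mail, $subject, $msg, $headers)) {
    LSsession::addInfo(_('Notice mail sent.'));
  }
  return true;
}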
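/**
 * Ajax handler: compare a submitted password with the stored one
 *
 * Reads 'attribute', 'objecttype', 'fieldValue', 'idform' and 'objectdn'
 * from the request. On success $data is set to an array with the boolean
 * result under the 'verifyPassword' key; otherwise $data is left untouched.
 *
 * NOTE(review): the values are read from $_REQUEST, so the candidate
 * password may travel in the query string. Confirm that the client sends it
 * in the request body.
 *
 * @param[out] array &$data Receives the result
 *
 * @retval void
 */
public static function ajax_verifyPassword(&$data) {
  // Every parameter must be present and a plain string. Array-valued
  // request parameters are rejected.
  foreach (array('attribute', 'objecttype', 'fieldValue', 'idform', 'objectdn') as $key) {
    if (!isset($_REQUEST[$key]) || !is_string($_REQUEST[$key])) {
      return;
    }
  }
  $objecttype = $_REQUEST['objecttype'];
  $objectdn = $_REQUEST['objectdn'];
  $attribute = $_REQUEST['attribute'];

  // The class name comes from the request. It is instantiated only after
  // loadLSobject() accepted it.
  if (!LSsession::loadLSobject($objecttype)) {
    return;
  }

  // Same access check as ajax_viewHash(): without it this handler answers
  // "is this the password?" for any DN the caller names.
  if (!LSsession::canAccess($objecttype, $objectdn, null, $attribute)) {
    LSdebug('ajax_verifyPassword : access denied');
    return;
  }

  $object = new $objecttype();
  $object->loadData($objectdn);

  $form = $object->getForm($_REQUEST['idform']);
  if (!$form) {
    LSdebug('Impossible de recuperer le LSform.');
    return;
  }

  $field = $form->getElement($attribute);
  if (!$field) {
    LSdebug('Impossible de récupérer le LSformElement');
    return;
  }

  $data = array(
    'verifyPassword' => $field->verifyPassword($_REQUEST['fieldValue'])
  );
}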
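/**
 * Ajax handler: generate a password for an attribute
 *
 * Reads 'attribute', 'objecttype', 'objectdn' and 'idform' from the request,
 * fetches the attribute configuration and passes it to generatePassword().
 * On success $data is set to an array with the password under the
 * 'generatePassword' key; otherwise $data is left untouched.
 *
 * @param[out] array &$data Receives the result
 *
 * @retval void
 */
public static function ajax_generatePassword(&$data) {
  // Every parameter must be present and a plain string: two of them are
  // concatenated into a configuration path below.
  foreach (array('attribute', 'objecttype', 'objectdn', 'idform') as $key) {
    if (!isset($_REQUEST[$key]) || !is_string($_REQUEST[$key])) {
      return;
    }
  }

  if (!LSsession::loadLSobject($_REQUEST['objecttype'])) {
    return;
  }

  // NOTE(review): the request chooses which configuration subtree is read.
  // Confirm that LSconfig::get() and loadLSobject() restrict both values to
  // declared object types and attributes.
  $params = LSconfig::get('LSobjects.' . $_REQUEST['objecttype'] . '.attrs.' . $_REQUEST['attribute']);
  if (!is_array($params)) {
    // No configuration for this attribute: nothing to generate from.
    return;
  }

  // NOTE(review): generatePassword() is declared without 'static'. PHP 8
  // rejects static calls to non-static methods.
  $val = self::generatePassword($params);
  if ($val) {
    $data = array(
      'generatePassword' => $val
    );
  }
}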
/**
 * Ajax handler: return the stored (hashed) value of a password attribute
 *
 * Reads 'attribute', 'objecttype' and 'objectdn' from the request. When the
 * caller passes LSsession::canAccess() for that attribute and the first
 * stored value is a string, $data is set to an array with that value under
 * the 'hash' key; otherwise $data is left untouched.
 *
 * NOTE(review): the access check runs after the object data has been loaded,
 * and it is called with a null right. Confirm that this grants no more than
 * read access to the attribute.
 *
 * @param[out] array &$data Receives the result
 *
 * @retval void
 */
public static function ajax_viewHash(&$data) {
  if (!isset($_REQUEST['attribute'], $_REQUEST['objecttype'], $_REQUEST['objectdn'])) {
    return;
  }
  $objecttype = $_REQUEST['objecttype'];
  $objectdn = $_REQUEST['objectdn'];
  $attribute = $_REQUEST['attribute'];

  if (!LSsession::loadLSobject($objecttype)) {
    return;
  }

  $object = new $objecttype();
  $object->loadData($objectdn);

  if (!LSsession::canAccess($objecttype, $objectdn, null, $attribute)) {
    return;
  }

  $values = $object->getValue($attribute);
  if (is_string($values[0])) {
    $data = array('hash' => $values[0]);
  }
}
/**
 * Tell whether this element holds the password used to log in
 *
 * @retval boolean true when the 'isLoginPassword' option is not set or has
 *                 a true value, false otherwise
 */
public function isLoginPassword() {
  // Login password is the default: only an explicit false value disables it.
  return (
    !isset($this->params['html_options']['isLoginPassword'])
    || (bool) $this->params['html_options']['isLoginPassword']
  );
}
}
/*
* Error Codes
*/
// Raised by send() when no usable recipient address could be found.
LSerror :: defineError ( 'LSformElement_password_01' ,
_ ( " LSformElement_password : No contact mail available to send password. " )
);
// Raised by send() when the recipient address fails checkEmail(); the
// address is passed as the error argument.
LSerror :: defineError ( 'LSformElement_password_02' ,
_ ( " LSformElement_password : Contact mail invalid (% { mail}). Can't send password. " )
);
// Raised by generatePassword() when pwgen exits with a non-zero code or
// returns no output.
LSerror :: defineError ( 'LSformElement_password_03' ,
_ ( " LSformElement_password : Fail to exec pwgen. Check it's correctly installed. " )
);
// Raised by getMailAttrs() when 'get_mail_attr_function' is set but is not
// callable.
LSerror :: defineError ( 'LSformElement_password_04' ,
_ ( " LSformElement_password : Fail to determine witch e-mail attribute to use to send new password : get_mail_attr_function parameter not refer to a valid function. " )
);
// Raised by getMailAttrs() when the 'get_mail_attr_function' callback throws;
// the exception message is passed as the error argument.
LSerror :: defineError ( 'LSformElement_password_05' ,
_ ( " LSformElement_password : Fail to determine witch e-mail attribute to use to send new password : get_mail_attr_function throwed an exception : % { msg} " )
);