mirror of
https://gitlab.easter-eggs.com/ee/ldapsaisie.git
synced 2024-11-26 11:52:59 +01:00
- LSmail : Ajout du paramètre $headers à la méthode sendMail()
- LSsession_recoverPassword : Utilisation de LSaddon::mail plutôt que de la commande mail() directement.
This commit is contained in:
parent
c8badaaa6c
commit
6710a1a51f
2 changed files with 93 additions and 95 deletions
|
@ -130,16 +130,15 @@
|
||||||
*
|
*
|
||||||
* @retval boolean true si MAIL est pleinement supporté, false sinon
|
* @retval boolean true si MAIL est pleinement supporté, false sinon
|
||||||
*/
|
*/
|
||||||
function sendMail($to,$subject,$msg) {
|
function sendMail($to,$subject,$msg,$headers=array()) {
|
||||||
$mail_obj = & Mail::factory(MAIL_SEND_METHOD, $MAIL_SEND_PARAMS);
|
$mail_obj = & Mail::factory(MAIL_SEND_METHOD, $MAIL_SEND_PARAMS);
|
||||||
|
|
||||||
if(is_array($MAIL_HEARDERS)) {
|
if(is_array($MAIL_HEARDERS)) {
|
||||||
$headers = $MAIL_HEARDERS;
|
$headers = array_merge($headers,$MAIL_HEARDERS);
|
||||||
}
|
}
|
||||||
else {
|
if ($subject) {
|
||||||
$headers = array();
|
$headers["Subject"] = $subject;
|
||||||
}
|
}
|
||||||
$headers["Subject"] = $subject;
|
|
||||||
if (!isset($headers['From']) && ($GLOBALS['LSsession'] -> getEmailSender() != "")) {
|
if (!isset($headers['From']) && ($GLOBALS['LSsession'] -> getEmailSender() != "")) {
|
||||||
$headers['From'] = $GLOBALS['LSsession'] -> getEmailSender();
|
$headers['From'] = $GLOBALS['LSsession'] -> getEmailSender();
|
||||||
}
|
}
|
||||||
|
|
|
@ -329,104 +329,57 @@ class LSsession {
|
||||||
if (isset($_GET['LSsession_recoverPassword'])) {
|
if (isset($_GET['LSsession_recoverPassword'])) {
|
||||||
LSdebug('Recover : Id trouvé');
|
LSdebug('Recover : Id trouvé');
|
||||||
if ($this -> ldapServer['recoverPassword']) {
|
if ($this -> ldapServer['recoverPassword']) {
|
||||||
LSdebug('Récupération active');
|
if ($this -> loadLSaddon('mail')) {
|
||||||
$user=$result[0];
|
LSdebug('Récupération active');
|
||||||
$emailAddress = $user -> getValue($this -> ldapServer['recoverPassword']['mailAttr']);
|
$user=$result[0];
|
||||||
$emailAddress = $emailAddress[0];
|
$emailAddress = $user -> getValue($this -> ldapServer['recoverPassword']['mailAttr']);
|
||||||
|
$emailAddress = $emailAddress[0];
|
||||||
|
|
||||||
// Header des mails
|
// Header des mails
|
||||||
$headers="Content-Type: text/plain; charset=UTF-8; format=flowed";
|
$sendParams=array();
|
||||||
if ($this -> ldapServer['recoverPassword']['recoveryEmailSender']) {
|
if ($this -> ldapServer['recoverPassword']['recoveryEmailSender']) {
|
||||||
$headers.="\nFrom: ".$this -> ldapServer['recoverPassword']['recoveryEmailSender'];
|
$sendParams['From']=$this -> ldapServer['recoverPassword']['recoveryEmailSender'];
|
||||||
}
|
|
||||||
else if($this -> getEmailSender()) {
|
|
||||||
$headers.="\nFrom: ".$this -> getEmailSender();
|
|
||||||
}
|
|
||||||
|
|
||||||
if (checkEmail($emailAddress)) {
|
|
||||||
LSdebug('Email : '.$emailAddress);
|
|
||||||
$this -> dn = $user -> getDn();
|
|
||||||
// 1ère étape : envoie du recoveryHash
|
|
||||||
if (!isset($_GET['recoveryHash'])) {
|
|
||||||
// Generer un hash
|
|
||||||
$rdn=$user -> getValue('rdn');
|
|
||||||
$rdn = $rdn[0];
|
|
||||||
$recovery_hash = md5($rdn . strval(time()) . strval(rand()));
|
|
||||||
|
|
||||||
$lostPasswdForm = $user -> getForm('lostPassword');
|
|
||||||
$lostPasswdForm -> setPostData(
|
|
||||||
array(
|
|
||||||
$this -> ldapServer['recoverPassword']['recoveryHashAttr'] => $recovery_hash
|
|
||||||
)
|
|
||||||
,true
|
|
||||||
);
|
|
||||||
|
|
||||||
if($lostPasswdForm -> validate()) {
|
|
||||||
if ($user -> updateData('lostPassword')) {
|
|
||||||
// recoveryHash de l'utilisateur mis à jour
|
|
||||||
if ($_SERVER['HTTPS']=='on') {
|
|
||||||
$recovery_url='https://';
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$recovery_url='http://';
|
|
||||||
}
|
|
||||||
$recovery_url .= $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'].'&recoveryHash='.$recovery_hash;
|
|
||||||
|
|
||||||
if (
|
|
||||||
mail(
|
|
||||||
$emailAddress,
|
|
||||||
$this -> ldapServer['recoverPassword']['recoveryHashMail']['subject'],
|
|
||||||
getFData($this -> ldapServer['recoverPassword']['recoveryHashMail']['msg'],$recovery_url),
|
|
||||||
$headers
|
|
||||||
)
|
|
||||||
){
|
|
||||||
// Mail a bien été envoyé
|
|
||||||
$recoveryPasswordInfos['recoveryHashMail']=$emailAddress;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// Problème durant l'envoie du mail
|
|
||||||
LSdebug("Problème durant l'envoie du mail");
|
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// Erreur durant la mise à jour de l'objet
|
|
||||||
LSdebug("Erreur durant la mise à jour de l'objet");
|
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// Erreur durant la validation du formulaire de modification de perte de password
|
|
||||||
LSdebug("Erreur durant la validation du formulaire de modification de perte de password");
|
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
// 2nd étape : génération du mot de passe + envoie par mail
|
|
||||||
else {
|
if (checkEmail($emailAddress)) {
|
||||||
$attr=$user -> attrs[$this -> ldapServer['authobject_pwdattr']];
|
LSdebug('Email : '.$emailAddress);
|
||||||
if ($attr instanceof LSattribute) {
|
$this -> dn = $user -> getDn();
|
||||||
$mdp = generatePassword($attr -> config['html_options']['chars'],$attr -> config['html_options']['lenght']);
|
// 1ère étape : envoie du recoveryHash
|
||||||
LSdebug('Nvx mpd : '.$mdp);
|
if (!isset($_GET['recoveryHash'])) {
|
||||||
|
// Generer un hash
|
||||||
|
$rdn=$user -> getValue('rdn');
|
||||||
|
$rdn = $rdn[0];
|
||||||
|
$recovery_hash = md5($rdn . strval(time()) . strval(rand()));
|
||||||
|
|
||||||
$lostPasswdForm = $user -> getForm('lostPassword');
|
$lostPasswdForm = $user -> getForm('lostPassword');
|
||||||
$lostPasswdForm -> setPostData(
|
$lostPasswdForm -> setPostData(
|
||||||
array(
|
array(
|
||||||
$this -> ldapServer['recoverPassword']['recoveryHashAttr'] => array(''),
|
$this -> ldapServer['recoverPassword']['recoveryHashAttr'] => $recovery_hash
|
||||||
$this -> ldapServer['authobject_pwdattr'] => array($mdp)
|
|
||||||
)
|
)
|
||||||
,true
|
,true
|
||||||
);
|
);
|
||||||
|
|
||||||
if($lostPasswdForm -> validate()) {
|
if($lostPasswdForm -> validate()) {
|
||||||
if ($user -> updateData('lostPassword')) {
|
if ($user -> updateData('lostPassword')) {
|
||||||
|
// recoveryHash de l'utilisateur mis à jour
|
||||||
|
if ($_SERVER['HTTPS']=='on') {
|
||||||
|
$recovery_url='https://';
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$recovery_url='http://';
|
||||||
|
}
|
||||||
|
$recovery_url .= $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'].'&recoveryHash='.$recovery_hash;
|
||||||
|
|
||||||
if (
|
if (
|
||||||
mail(
|
sendMail(
|
||||||
$emailAddress,
|
$emailAddress,
|
||||||
$this -> ldapServer['recoverPassword']['newPasswordMail']['subject'],
|
$this -> ldapServer['recoverPassword']['recoveryHashMail']['subject'],
|
||||||
getFData($this -> ldapServer['recoverPassword']['newPasswordMail']['msg'],$mdp),
|
getFData($this -> ldapServer['recoverPassword']['recoveryHashMail']['msg'],$recovery_url),
|
||||||
$headers
|
$sendParams
|
||||||
)
|
)
|
||||||
){
|
){
|
||||||
// Mail a bien été envoyé
|
// Mail a bien été envoyé
|
||||||
$recoveryPasswordInfos['newPasswordMail']=$emailAddress;
|
$recoveryPasswordInfos['recoveryHashMail']=$emailAddress;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
// Problème durant l'envoie du mail
|
// Problème durant l'envoie du mail
|
||||||
|
@ -446,15 +399,61 @@ class LSsession {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// 2nd étape : génération du mot de passe + envoie par mail
|
||||||
else {
|
else {
|
||||||
// l'attribut password n'existe pas
|
$attr=$user -> attrs[$this -> ldapServer['authobject_pwdattr']];
|
||||||
LSdebug("L'attribut password n'existe pas");
|
if ($attr instanceof LSattribute) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
$mdp = generatePassword($attr -> config['html_options']['chars'],$attr -> config['html_options']['lenght']);
|
||||||
|
LSdebug('Nvx mpd : '.$mdp);
|
||||||
|
$lostPasswdForm = $user -> getForm('lostPassword');
|
||||||
|
$lostPasswdForm -> setPostData(
|
||||||
|
array(
|
||||||
|
$this -> ldapServer['recoverPassword']['recoveryHashAttr'] => array(''),
|
||||||
|
$this -> ldapServer['authobject_pwdattr'] => array($mdp)
|
||||||
|
)
|
||||||
|
,true
|
||||||
|
);
|
||||||
|
if($lostPasswdForm -> validate()) {
|
||||||
|
if ($user -> updateData('lostPassword')) {
|
||||||
|
if (
|
||||||
|
sendMail(
|
||||||
|
$emailAddress,
|
||||||
|
$this -> ldapServer['recoverPassword']['newPasswordMail']['subject'],
|
||||||
|
getFData($this -> ldapServer['recoverPassword']['newPasswordMail']['msg'],$mdp),
|
||||||
|
$sendParams
|
||||||
|
)
|
||||||
|
){
|
||||||
|
// Mail a bien été envoyé
|
||||||
|
$recoveryPasswordInfos['newPasswordMail']=$emailAddress;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// Problème durant l'envoie du mail
|
||||||
|
LSdebug("Problème durant l'envoie du mail");
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// Erreur durant la mise à jour de l'objet
|
||||||
|
LSdebug("Erreur durant la mise à jour de l'objet");
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// Erreur durant la validation du formulaire de modification de perte de password
|
||||||
|
LSdebug("Erreur durant la validation du formulaire de modification de perte de password");
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// l'attribut password n'existe pas
|
||||||
|
LSdebug("L'attribut password n'existe pas");
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1020);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
else {
|
||||||
else {
|
$GLOBALS['LSerror'] -> addErrorCode(1019);
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1019);
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
Loading…
Reference in a new issue