bn8/ldapsaisie
1
0
Fork 0
mirror of https://gitlab.easter-eggs.com/ee/ldapsaisie.git synced 2024-11-22 18:09:06 +01:00
Code Issues Projects Releases Wiki Activity

- LSmail : Ajout du paramètre $headers à la méthode sendMail()

Browse source 
- LSsession_recoverPassword : Utilisation de LSaddon::mail plutôt que de la 
	commande mail() directement.
This commit is contained in:
Benjamin Renard 2008-10-14 16:21:36 +00:00
parent c8badaaa6c
commit 6710a1a51f
2 changed files with 93 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
trunk/includes/addons/LSaddons.mail.php
View file

@ -130,16 +130,15 @@
* *
* @retval boolean true si MAIL est pleinement supporté, false sinon * @retval boolean true si MAIL est pleinement supporté, false sinon
*/ */
function sendMail($to,$subject,$msg) { function sendMail($to,$subject,$msg,$headers=array()) {
$mail_obj = & Mail::factory(MAIL_SEND_METHOD, $MAIL_SEND_PARAMS); $mail_obj = & Mail::factory(MAIL_SEND_METHOD, $MAIL_SEND_PARAMS);
if(is_array($MAIL_HEARDERS)) { if(is_array($MAIL_HEARDERS)) {
$headers = $MAIL_HEARDERS; $headers = array_merge($headers,$MAIL_HEARDERS);
} }
else { if ($subject) {
$headers = array(); $headers["Subject"] = $subject;
} }
$headers["Subject"] = $subject;
if (!isset($headers['From']) && ($GLOBALS['LSsession'] -> getEmailSender() != "")) { if (!isset($headers['From']) && ($GLOBALS['LSsession'] -> getEmailSender() != "")) {
$headers['From'] = $GLOBALS['LSsession'] -> getEmailSender(); $headers['From'] = $GLOBALS['LSsession'] -> getEmailSender();
} }

179
trunk/includes/class/class.LSsession.php
View file

@ -329,104 +329,57 @@ class LSsession {
if (isset($_GET['LSsession_recoverPassword'])) { if (isset($_GET['LSsession_recoverPassword'])) {
LSdebug('Recover : Id trouvé'); LSdebug('Recover : Id trouvé');
if ($this -> ldapServer['recoverPassword']) { if ($this -> ldapServer['recoverPassword']) {
LSdebug('Récupération active'); if ($this -> loadLSaddon('mail')) {
$user=$result[0]; LSdebug('Récupération active');
$emailAddress = $user -> getValue($this -> ldapServer['recoverPassword']['mailAttr']); $user=$result[0];
$emailAddress = $emailAddress[0]; $emailAddress = $user -> getValue($this -> ldapServer['recoverPassword']['mailAttr']);
$emailAddress = $emailAddress[0];
// Header des mails
$headers="Content-Type: text/plain; charset=UTF-8; format=flowed"; // Header des mails
if ($this -> ldapServer['recoverPassword']['recoveryEmailSender']) { $sendParams=array();
$headers.="\nFrom: ".$this -> ldapServer['recoverPassword']['recoveryEmailSender']; if ($this -> ldapServer['recoverPassword']['recoveryEmailSender']) {
} $sendParams['From']=$this -> ldapServer['recoverPassword']['recoveryEmailSender'];
else if($this -> getEmailSender()) {
$headers.="\nFrom: ".$this -> getEmailSender();
}
if (checkEmail($emailAddress)) {
LSdebug('Email : '.$emailAddress);
$this -> dn = $user -> getDn();
// 1ère étape : envoie du recoveryHash
if (!isset($_GET['recoveryHash'])) {
// Generer un hash
$rdn=$user -> getValue('rdn');
$rdn = $rdn[0];
$recovery_hash = md5($rdn . strval(time()) . strval(rand()));
$lostPasswdForm = $user -> getForm('lostPassword');
$lostPasswdForm -> setPostData(
array(
$this -> ldapServer['recoverPassword']['recoveryHashAttr'] => $recovery_hash
)
,true
);
if($lostPasswdForm -> validate()) {
if ($user -> updateData('lostPassword')) {
// recoveryHash de l'utilisateur mis à jour
if ($_SERVER['HTTPS']=='on') {
$recovery_url='https://';
}
else {
$recovery_url='http://';
}
$recovery_url .= $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'].'&recoveryHash='.$recovery_hash;
if (
mail(
$emailAddress,
$this -> ldapServer['recoverPassword']['recoveryHashMail']['subject'],
getFData($this -> ldapServer['recoverPassword']['recoveryHashMail']['msg'],$recovery_url),
$headers
)
){
// Mail a bien été envoyé
$recoveryPasswordInfos['recoveryHashMail']=$emailAddress;
}
else {
// Problème durant l'envoie du mail
LSdebug("Problème durant l'envoie du mail");
$GLOBALS['LSerror'] -> addErrorCode(1020);
}
}
else {
// Erreur durant la mise à jour de l'objet
LSdebug("Erreur durant la mise à jour de l'objet");
$GLOBALS['LSerror'] -> addErrorCode(1020);
}
}
else {
// Erreur durant la validation du formulaire de modification de perte de password
LSdebug("Erreur durant la validation du formulaire de modification de perte de password");
$GLOBALS['LSerror'] -> addErrorCode(1020);
}
} }
// 2nd étape : génération du mot de passe + envoie par mail
else { if (checkEmail($emailAddress)) {
$attr=$user -> attrs[$this -> ldapServer['authobject_pwdattr']]; LSdebug('Email : '.$emailAddress);
if ($attr instanceof LSattribute) { $this -> dn = $user -> getDn();
$mdp = generatePassword($attr -> config['html_options']['chars'],$attr -> config['html_options']['lenght']); // 1ère étape : envoie du recoveryHash
LSdebug('Nvx mpd : '.$mdp); if (!isset($_GET['recoveryHash'])) {
// Generer un hash
$rdn=$user -> getValue('rdn');
$rdn = $rdn[0];
$recovery_hash = md5($rdn . strval(time()) . strval(rand()));
$lostPasswdForm = $user -> getForm('lostPassword'); $lostPasswdForm = $user -> getForm('lostPassword');
$lostPasswdForm -> setPostData( $lostPasswdForm -> setPostData(
array( array(
$this -> ldapServer['recoverPassword']['recoveryHashAttr'] => array(''), $this -> ldapServer['recoverPassword']['recoveryHashAttr'] => $recovery_hash
$this -> ldapServer['authobject_pwdattr'] => array($mdp)
) )
,true ,true
); );
if($lostPasswdForm -> validate()) { if($lostPasswdForm -> validate()) {
if ($user -> updateData('lostPassword')) { if ($user -> updateData('lostPassword')) {
// recoveryHash de l'utilisateur mis à jour
if ($_SERVER['HTTPS']=='on') {
$recovery_url='https://';
}
else {
$recovery_url='http://';
}
$recovery_url .= $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'].'&recoveryHash='.$recovery_hash;
if ( if (
mail( sendMail(
$emailAddress, $emailAddress,
$this -> ldapServer['recoverPassword']['newPasswordMail']['subject'], $this -> ldapServer['recoverPassword']['recoveryHashMail']['subject'],
getFData($this -> ldapServer['recoverPassword']['newPasswordMail']['msg'],$mdp), getFData($this -> ldapServer['recoverPassword']['recoveryHashMail']['msg'],$recovery_url),
$headers $sendParams
) )
){ ){
// Mail a bien été envoyé // Mail a bien été envoyé
$recoveryPasswordInfos['newPasswordMail']=$emailAddress; $recoveryPasswordInfos['recoveryHashMail']=$emailAddress;
} }
else { else {
// Problème durant l'envoie du mail // Problème durant l'envoie du mail
@ -446,15 +399,61 @@ class LSsession {
$GLOBALS['LSerror'] -> addErrorCode(1020); $GLOBALS['LSerror'] -> addErrorCode(1020);
} }
} }
// 2nd étape : génération du mot de passe + envoie par mail
else { else {
// l'attribut password n'existe pas $attr=$user -> attrs[$this -> ldapServer['authobject_pwdattr']];
LSdebug("L'attribut password n'existe pas"); if ($attr instanceof LSattribute) {
$GLOBALS['LSerror'] -> addErrorCode(1020); $mdp = generatePassword($attr -> config['html_options']['chars'],$attr -> config['html_options']['lenght']);
LSdebug('Nvx mpd : '.$mdp);
$lostPasswdForm = $user -> getForm('lostPassword');
$lostPasswdForm -> setPostData(
array(
$this -> ldapServer['recoverPassword']['recoveryHashAttr'] => array(''),
$this -> ldapServer['authobject_pwdattr'] => array($mdp)
)
,true
);
if($lostPasswdForm -> validate()) {
if ($user -> updateData('lostPassword')) {
if (
sendMail(
$emailAddress,
$this -> ldapServer['recoverPassword']['newPasswordMail']['subject'],
getFData($this -> ldapServer['recoverPassword']['newPasswordMail']['msg'],$mdp),
$sendParams
)
){
// Mail a bien été envoyé
$recoveryPasswordInfos['newPasswordMail']=$emailAddress;
}
else {
// Problème durant l'envoie du mail
LSdebug("Problème durant l'envoie du mail");
$GLOBALS['LSerror'] -> addErrorCode(1020);
}
}
else {
// Erreur durant la mise à jour de l'objet
LSdebug("Erreur durant la mise à jour de l'objet");
$GLOBALS['LSerror'] -> addErrorCode(1020);
}
}
else {
// Erreur durant la validation du formulaire de modification de perte de password
LSdebug("Erreur durant la validation du formulaire de modification de perte de password");
$GLOBALS['LSerror'] -> addErrorCode(1020);
}
}
else {
// l'attribut password n'existe pas
LSdebug("L'attribut password n'existe pas");
$GLOBALS['LSerror'] -> addErrorCode(1020);
}
} }
} }
} else {
else { $GLOBALS['LSerror'] -> addErrorCode(1019);
$GLOBALS['LSerror'] -> addErrorCode(1019); }
} }
} }
else { else {