Author: coudot
Date: 2010-04-02 17:34:37 +0200 (Fri, 02 Apr 2010)
New Revision: 65
Added:
self-service-password/trunk/pages/
self-service-password/trunk/pages/change.php
self-service-password/trunk/style/help.png
self-service-password/trunk/style/light.png
Modified:
self-service-password/trunk/index.php
self-service-password/trunk/style/styles.css
Log:
* Work on CSS to provide light and shadow
* Add an action parameter to allow different functionnalities (questions,
reset, etc.)
Modified: self-service-password/trunk/index.php
===================================================================
--- self-service-password/trunk/index.php 2010-03-29 18:11:17 UTC (rev 64)
+++ self-service-password/trunk/index.php 2010-04-02 15:34:37 UTC (rev 65)
@@ -33,34 +33,8 @@
if($debug) error_reporting(E_ALL);
#==============================================================================
-# POST parameters
+# PHP modules
#==============================================================================
-# Initiate vars
-$result = "";
-$login = "";
-$confirmpassword = "";
-$newpassword = "";
-$oldpassword = "";
-if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars=""; }
-
-if (isset($_POST["confirmpassword"]) and $_POST["confirmpassword"]) {
$confirmpassword = $_POST["confirmpassword"]; }
- else { $result = "confirmpasswordrequired"; }
-if (isset($_POST["newpassword"]) and $_POST["newpassword"]) { $newpassword =
$_POST["newpassword"]; }
- else { $result = "newpasswordrequired"; }
-if (isset($_POST["oldpassword"]) and $_POST["oldpassword"]) { $oldpassword =
$_POST["oldpassword"]; }
- else { $result = "oldpasswordrequired"; }
-if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login =
$_REQUEST["login"]; }
- else { $result = "loginrequired"; }
-
-# Strip slashes added by PHP
-$login = stripslashes_if_gpc_magic_quotes($login);
-$oldpassword = stripslashes_if_gpc_magic_quotes($oldpassword);
-$newpassword = stripslashes_if_gpc_magic_quotes($newpassword);
-$confirmpassword = stripslashes_if_gpc_magic_quotes($confirmpassword);
-
-# Match new and confirm password
-if ( $newpassword != $confirmpassword ) { $result="nomatch"; }
-
# Check PHP-LDAP presence
if ( ! function_exists('ldap_connect') ) { $result="nophpldap"; }
@@ -68,158 +42,12 @@
if ( $samba_mode and ! function_exists('mhash') ) { $result="nophpmhash"; }
#==============================================================================
-# Check password strenght
+# Action (default: change password)
#==============================================================================
-if ( $result === "" ) {
+if (isset($_GET["action"]) and $_GET["action"]) { $action = $_GET["action"]; }
+ else { $action = "change"; }
- $length = strlen($newpassword);
- preg_match_all("/[a-z]/", $newpassword, $lower_res);
- $lower = count( $lower_res[0] );
- preg_match_all("/[A-Z]/", $newpassword, $upper_res);
- $upper = count( $upper_res[0] );
- preg_match_all("/[0-9]/", $newpassword, $digit_res);
- $digit = count( $digit_res[0] );
- preg_match_all("/[$pwd_special_chars]/", $newpassword, $special_res);
- $special = count( $special_res[0] );
- preg_match_all("/[$pwd_forbidden_chars]/", $newpassword, $forbidden_res);
- $forbidden = count( $forbidden_res[0] );
-
- # Minimal lenght
- if ( $pwd_min_length and $length < $pwd_min_length ) { $result="tooshort";
}
-
- # Maximal lenght
- if ( $pwd_max_length and $length > $pwd_max_length ) { $result="toobig"; }
-
- # Minimal lower chars
- if ( $pwd_min_lower and $lower < $pwd_min_lower ) { $result="minlower"; }
-
- # Minimal upper chars
- if ( $pwd_min_upper and $upper < $pwd_min_upper ) { $result="minupper"; }
-
- # Minimal digit chars
- if ( $pwd_min_digit and $digit < $pwd_min_digit ) { $result="mindigit"; }
-
- # Minimal special chars
- if ( $pwd_min_special and $special < $pwd_min_special ) {
$result="minspecial"; }
-
- # Forbidden chars
- if ( $forbidden > 0 ) { $result="forbiddenchars"; }
-}
-
#==============================================================================
-# Change password
-#==============================================================================
-if ( $result === "" ) {
-
- # Connect to LDAP
- $ldap = ldap_connect($ldap_url);
- ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
- ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
-
- # Bind
- if ( isset($ldap_binddn) && isset($ldap_bindpw) ) {
- $bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
- } else {
- $bind = ldap_bind($ldap);
- }
-
- $errno = ldap_errno($ldap);
- if ( $errno ) {
- $result = "ldaperror";
- error_log("LDAP - Bind error $errno (".ldap_error($ldap).")");
- } else {
-
- # Search for user
- $ldap_filter = str_replace("{login}", $login, $ldap_filter);
- $search = ldap_search($ldap, $ldap_base, $ldap_filter);
-
- $errno = ldap_errno($ldap);
- if ( $errno ) {
- $result = "ldaperror";
- error_log("LDAP - Search error $errno (".ldap_error($ldap).")");
- } else {
-
- # Get user DN
- $entry = ldap_first_entry($ldap, $search);
- $userdn = ldap_get_dn($ldap, $entry);
-
- if( !$userdn ) {
- $result = "badcredentials";
- error_log("LDAP - User $login not found");
- } else {
-
- # Bind with old password
- $bind = ldap_bind($ldap, $userdn, $oldpassword);
- $errno = ldap_errno($ldap);
- if ( $errno ) {
- $result = "badcredentials";
- error_log("LDAP - Bind user error $errno (".ldap_error($ldap).")");
- } else {
-
- # Set Samba password value
- if ( $samba_mode ) {
- $userdata["sambaNTPassword"] = make_md4_password($newpassword);
- $userdata["sambaPwdLastSet"] = time();
- }
-
- # Transform password value
- if ( $ad_mode ) {
- $newpassword = "\"" . $newpassword . "\"";
- $len = strlen($newpassword);
- for ($i = 0; $i < $len; $i++){
- $password .= "{$newpassword{$i}}\000";
- }
- $newpassword = $password;
- } else {
- # Hash password if needed
- if ( $hash == "SSHA" ) {
- $newpassword = make_ssha_password($newpassword);
- }
- if ( $hash == "SHA" ) {
- $newpassword = make_sha_password($newpassword);
- }
- if ( $hash == "SMD5" ) {
- $newpassword = make_smd5_password($newpassword);
- }
- if ( $hash == "MD5" ) {
- $newpassword = make_md5_password($newpassword);
- }
- if ( $hash == "CRYPT" ) {
- $newpassword = make_crypt_password($newpassword);
- }
- }
-
- # Rebind as Manager if needed
- if ( $who_change_password == "manager" ) {
- $bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
- }
-
- # Set password value
- if ( $ad_mode ) {
- $userdata["unicodePwd"] = $newpassword;
- } else {
- $userdata["userPassword"] = $newpassword;
- }
-
- # Commit modification on directory
- $replace = ldap_mod_replace($ldap, $userdn , $userdata);
-
- $errno = ldap_errno($ldap);
- if ( $errno ) {
- $result = "passworderror";
- error_log("LDAP - Modify password error $errno
(".ldap_error($ldap).")");
- } else {
- $result = "passwordchanged";
- }
-
- }}}}
-
- @ldap_close($ldap);
-}
-
-#==============================================================================
-# HTML
-#==============================================================================
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
@@ -238,39 +66,9 @@
<div id="content">
<h1><?php echo $messages[$lang]["title"]; ?></h1>
<img src="<?php echo $logo; ?>" alt="Logo" />
-<h2 class="<?php echo get_criticity($result) ?>"><?php echo
$messages[$lang][$result]; ?></h2>
-<?php if ( $result !== "passwordchanged" ) { ?>
-<?php
-if ( $pwd_show_policy ) {
- echo "<div class=\"policy\">\n";
- echo "<p>".$messages[$lang]["policy"]."</p>\n";
- echo "<ul>\n";
- if ( $pwd_min_length ) { echo
"<li>".$messages[$lang]["policyminlength"] ." $pwd_min_length</li>\n"; }
- if ( $pwd_max_length ) { echo
"<li>".$messages[$lang]["policymaxlength"] ." $pwd_max_length</li>\n"; }
- if ( $pwd_min_lower ) { echo
"<li>".$messages[$lang]["policyminlower"] ." $pwd_min_lower</li>\n"; }
- if ( $pwd_min_upper ) { echo
"<li>".$messages[$lang]["policyminupper"] ." $pwd_min_upper</li>\n"; }
- if ( $pwd_min_digit ) { echo
"<li>".$messages[$lang]["policymindigit"] ." $pwd_min_digit</li>\n"; }
- if ( $pwd_min_special ) { echo
"<li>".$messages[$lang]["policyminspecial"] ." $pwd_min_special</li>\n"; }
- if ( $pwd_forbidden_chars ) { echo
"<li>".$messages[$lang]["policyforbiddenchars"] ."
$pwd_forbidden_chars</li>\n"; }
- echo "</ul>\n";
- echo "</div>\n";
-}
-?>
-<form action="#" method="post">
- <table>
- <tr><th><?php echo $messages[$lang]["login"]; ?></th>
- <td><input type="text" name="login" value="<?php echo htmlentities($login)
?>" /></td></tr>
- <tr><th><?php echo $messages[$lang]["oldpassword"]; ?></th>
- <td><input type="password" name="oldpassword" /></td></tr>
- <tr><th><?php echo $messages[$lang]["newpassword"]; ?></th>
- <td><input type="password" name="newpassword" /></td></tr>
- <tr><th><?php echo $messages[$lang]["confirmpassword"]; ?></th>
- <td><input type="password" name="confirmpassword" /></td></tr>
- <tr><td colspan="2">
- <input type="submit" value="<?php echo $messages[$lang]['submit']; ?>"
/></td></tr>
- </table>
-</form>
-<?php } ?>
+
+<?php include("pages/$action.php") ?>
+
</div>
</body>
Added: self-service-password/trunk/pages/change.php
===================================================================
--- self-service-password/trunk/pages/change.php
(rev 0)
+++ self-service-password/trunk/pages/change.php 2010-04-02 15:34:37 UTC
(rev 65)
@@ -0,0 +1,242 @@
+<?php
+#==============================================================================
+# LTB Self Service Password
+#
+# Copyright (C) 2009 Clement OUDOT
+# Copyright (C) 2009 LTB-project.org
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# GPL License: http://www.gnu.org/licenses/gpl.txt
+#
+#==============================================================================
+
+# This page is called to change password
+
+#==============================================================================
+# POST parameters
+#==============================================================================
+# Initiate vars
+$result = "";
+$login = "";
+$confirmpassword = "";
+$newpassword = "";
+$oldpassword = "";
+if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars=""; }
+
+if (isset($_POST["confirmpassword"]) and $_POST["confirmpassword"]) {
$confirmpassword = $_POST["confirmpassword"]; }
+ else { $result = "confirmpasswordrequired"; }
+if (isset($_POST["newpassword"]) and $_POST["newpassword"]) { $newpassword =
$_POST["newpassword"]; }
+ else { $result = "newpasswordrequired"; }
+if (isset($_POST["oldpassword"]) and $_POST["oldpassword"]) { $oldpassword =
$_POST["oldpassword"]; }
+ else { $result = "oldpasswordrequired"; }
+if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login =
$_REQUEST["login"]; }
+ else { $result = "loginrequired"; }
+
+# Strip slashes added by PHP
+$login = stripslashes_if_gpc_magic_quotes($login);
+$oldpassword = stripslashes_if_gpc_magic_quotes($oldpassword);
+$newpassword = stripslashes_if_gpc_magic_quotes($newpassword);
+$confirmpassword = stripslashes_if_gpc_magic_quotes($confirmpassword);
+
+# Match new and confirm password
+if ( $newpassword != $confirmpassword ) { $result="nomatch"; }
+
+#==============================================================================
+# Check password strenght
+#==============================================================================
+if ( $result === "" ) {
+
+ $length = strlen($newpassword);
+ preg_match_all("/[a-z]/", $newpassword, $lower_res);
+ $lower = count( $lower_res[0] );
+ preg_match_all("/[A-Z]/", $newpassword, $upper_res);
+ $upper = count( $upper_res[0] );
+ preg_match_all("/[0-9]/", $newpassword, $digit_res);
+ $digit = count( $digit_res[0] );
+ preg_match_all("/[$pwd_special_chars]/", $newpassword, $special_res);
+ $special = count( $special_res[0] );
+ preg_match_all("/[$pwd_forbidden_chars]/", $newpassword, $forbidden_res);
+ $forbidden = count( $forbidden_res[0] );
+
+ # Minimal lenght
+ if ( $pwd_min_length and $length < $pwd_min_length ) { $result="tooshort";
}
+
+ # Maximal lenght
+ if ( $pwd_max_length and $length > $pwd_max_length ) { $result="toobig"; }
+
+ # Minimal lower chars
+ if ( $pwd_min_lower and $lower < $pwd_min_lower ) { $result="minlower"; }
+
+ # Minimal upper chars
+ if ( $pwd_min_upper and $upper < $pwd_min_upper ) { $result="minupper"; }
+
+ # Minimal digit chars
+ if ( $pwd_min_digit and $digit < $pwd_min_digit ) { $result="mindigit"; }
+
+ # Minimal special chars
+ if ( $pwd_min_special and $special < $pwd_min_special ) {
$result="minspecial"; }
+
+ # Forbidden chars
+ if ( $forbidden > 0 ) { $result="forbiddenchars"; }
+}
+
+#==============================================================================
+# Change password
+#==============================================================================
+if ( $result === "" ) {
+
+ # Connect to LDAP
+ $ldap = ldap_connect($ldap_url);
+ ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
+
+ # Bind
+ if ( isset($ldap_binddn) && isset($ldap_bindpw) ) {
+ $bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
+ } else {
+ $bind = ldap_bind($ldap);
+ }
+
+ $errno = ldap_errno($ldap);
+ if ( $errno ) {
+ $result = "ldaperror";
+ error_log("LDAP - Bind error $errno (".ldap_error($ldap).")");
+ } else {
+
+ # Search for user
+ $ldap_filter = str_replace("{login}", $login, $ldap_filter);
+ $search = ldap_search($ldap, $ldap_base, $ldap_filter);
+
+ $errno = ldap_errno($ldap);
+ if ( $errno ) {
+ $result = "ldaperror";
+ error_log("LDAP - Search error $errno (".ldap_error($ldap).")");
+ } else {
+
+ # Get user DN
+ $entry = ldap_first_entry($ldap, $search);
+ $userdn = ldap_get_dn($ldap, $entry);
+
+ if( !$userdn ) {
+ $result = "badcredentials";
+ error_log("LDAP - User $login not found");
+ } else {
+
+ # Bind with old password
+ $bind = ldap_bind($ldap, $userdn, $oldpassword);
+ $errno = ldap_errno($ldap);
+ if ( $errno ) {
+ $result = "badcredentials";
+ error_log("LDAP - Bind user error $errno (".ldap_error($ldap).")");
+ } else {
+
+ # Set Samba password value
+ if ( $samba_mode ) {
+ $userdata["sambaNTPassword"] = make_md4_password($newpassword);
+ $userdata["sambaPwdLastSet"] = time();
+ }
+
+ # Transform password value
+ if ( $ad_mode ) {
+ $newpassword = "\"" . $newpassword . "\"";
+ $len = strlen($newpassword);
+ for ($i = 0; $i < $len; $i++){
+ $password .= "{$newpassword{$i}}\000";
+ }
+ $newpassword = $password;
+ } else {
+ # Hash password if needed
+ if ( $hash == "SSHA" ) {
+ $newpassword = make_ssha_password($newpassword);
+ }
+ if ( $hash == "SHA" ) {
+ $newpassword = make_sha_password($newpassword);
+ }
+ if ( $hash == "SMD5" ) {
+ $newpassword = make_smd5_password($newpassword);
+ }
+ if ( $hash == "MD5" ) {
+ $newpassword = make_md5_password($newpassword);
+ }
+ if ( $hash == "CRYPT" ) {
+ $newpassword = make_crypt_password($newpassword);
+ }
+ }
+
+ # Rebind as Manager if needed
+ if ( $who_change_password == "manager" ) {
+ $bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
+ }
+
+ # Set password value
+ if ( $ad_mode ) {
+ $userdata["unicodePwd"] = $newpassword;
+ } else {
+ $userdata["userPassword"] = $newpassword;
+ }
+
+ # Commit modification on directory
+ $replace = ldap_mod_replace($ldap, $userdn , $userdata);
+
+ $errno = ldap_errno($ldap);
+ if ( $errno ) {
+ $result = "passworderror";
+ error_log("LDAP - Modify password error $errno
(".ldap_error($ldap).")");
+ } else {
+ $result = "passwordchanged";
+ }
+
+ }}}}
+
+ @ldap_close($ldap);
+}
+
+#==============================================================================
+# HTML
+#==============================================================================
+?>
+
+<div class="result <?php echo get_criticity($result) ?>">
+<h2 class="<?php echo get_criticity($result) ?>"><?php echo
$messages[$lang][$result]; ?></h2>
+</div>
+<?php if ( $result !== "passwordchanged" ) { ?>
+<?php
+if ( $pwd_show_policy ) {
+ echo "<div class=\"help\">\n";
+ echo "<p>".$messages[$lang]["policy"]."</p>\n";
+ echo "<ul>\n";
+ if ( $pwd_min_length ) { echo
"<li>".$messages[$lang]["policyminlength"] ." $pwd_min_length</li>\n"; }
+ if ( $pwd_max_length ) { echo
"<li>".$messages[$lang]["policymaxlength"] ." $pwd_max_length</li>\n"; }
+ if ( $pwd_min_lower ) { echo
"<li>".$messages[$lang]["policyminlower"] ." $pwd_min_lower</li>\n"; }
+ if ( $pwd_min_upper ) { echo
"<li>".$messages[$lang]["policyminupper"] ." $pwd_min_upper</li>\n"; }
+ if ( $pwd_min_digit ) { echo
"<li>".$messages[$lang]["policymindigit"] ." $pwd_min_digit</li>\n"; }
+ if ( $pwd_min_special ) { echo
"<li>".$messages[$lang]["policyminspecial"] ." $pwd_min_special</li>\n"; }
+ if ( $pwd_forbidden_chars ) { echo
"<li>".$messages[$lang]["policyforbiddenchars"] ."
$pwd_forbidden_chars</li>\n"; }
+ echo "</ul>\n";
+ echo "</div>\n";
+}
+?>
+<form action="#" method="post">
+ <table>
+ <tr><th><?php echo $messages[$lang]["login"]; ?></th>
+ <td><input type="text" name="login" value="<?php echo htmlentities($login)
?>" /></td></tr>
+ <tr><th><?php echo $messages[$lang]["oldpassword"]; ?></th>
+ <td><input type="password" name="oldpassword" /></td></tr>
+ <tr><th><?php echo $messages[$lang]["newpassword"]; ?></th>
+ <td><input type="password" name="newpassword" /></td></tr>
+ <tr><th><?php echo $messages[$lang]["confirmpassword"]; ?></th>
+ <td><input type="password" name="confirmpassword" /></td></tr>
+ <tr><td colspan="2">
+ <input type="submit" value="<?php echo $messages[$lang]['submit']; ?>"
/></td></tr>
+ </table>
+</form>
+<?php } ?>
Added: self-service-password/trunk/style/help.png
===================================================================
(Binary files differ)
Property changes on: self-service-password/trunk/style/help.png
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Added: self-service-password/trunk/style/light.png
===================================================================
(Binary files differ)
Property changes on: self-service-password/trunk/style/light.png
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Modified: self-service-password/trunk/style/styles.css
===================================================================
--- self-service-password/trunk/style/styles.css 2010-03-29 18:11:17 UTC
(rev 64)
+++ self-service-password/trunk/style/styles.css 2010-04-02 15:34:37 UTC
(rev 65)
@@ -42,11 +42,18 @@
}
/* Rounded corner */
-form, div, h1, h2 {
+form, div, h1 {
-moz-border-radius:10px;
-webkit-border-radius:10px;
}
+/* Shadow and light */
+form, div, h1 {
+-webkit-box-shadow:0 3px 6px rgba(0,0,0,.25);
+-moz-box-shadow:0 3px 6px rgba(0,0,0,.25);
+background: url("light.png") no-repeat;
+}
+
h1 {
padding:5px;
margin:10px 20%;
@@ -84,12 +91,16 @@
text-align: right;
}
-form input {
+form input, form select {
border:1px solid #c2e1ef;
padding:5px;
width: 200px;
}
+form select {
+width: 230px;
+}
+
form input[name=login] {
background:#FFFFFF url("user_suit.png") 5px 5px no-repeat;
padding-left:25px;
@@ -100,6 +111,11 @@
padding-left: 25px;
}
+form input[name=answer] {
+background:#FFFFFF url("help.png") 5px 5px no-repeat;
+padding-left: 25px;
+}
+
form input[type=submit] {
margin-top:20px;
font-weight:bold;
@@ -107,32 +123,48 @@
}
/* Message criticity */
-h2 {
-padding:5px;
+div.result {
margin:10px 20%;
-font-size:14pt;
}
-h2.ok {
-background:#e6efc2 url("accept.png") 20px 7px no-repeat;
+div.ok {
+background-color:#e6efc2;
border:2px solid #C6D880;
color:#529214;
}
-h2.warning {
-background:#ffe17a url("error.png") 20px 7px no-repeat;
+div.warning {
+background-color:#ffe17a;
border:2px solid #ffca10;
color:#a03400
}
-h2.critical {
-background:#fbe3e4 url("exclamation.png") 20px 7px no-repeat;
+div.critical {
+background-color:#fbe3e4;
border:2px solid #fbc2c4;
color:#d12f19;
}
+
+h2 {
+padding:5px;
+font-size:14pt;
+}
+
+h2.ok {
+background:url("accept.png") 20px 7px no-repeat;
+}
+
+h2.warning {
+background:url("error.png") 20px 7px no-repeat;
+}
+
+h2.critical {
+background:url("exclamation.png") 20px 7px no-repeat;
+}
+
/* Policy */
-div.policy {
+div.help {
padding:10px;
margin:10px 20%;
background-color:#ffe17a;
@@ -141,7 +173,7 @@
text-align:left;
}
-div.policy p {
+div.help p {
margin:0;
font-weight:bold;
}
_______________________________________________
ltb-changes mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-changes
