Module: nagvis Branch: master Commit: 138bf0029e9e4510bbed62482a5396a303c82e36 URL: http://nagvis.git.sourceforge.net/git/gitweb.cgi?p=nagvis/nagvis;a=commit;h=138bf0029e9e4510bbed62482a5396a303c82e36
Author: LaMi <[email protected]> Date: Wed Nov 4 22:39:45 2009 +0100 Recoded hacks from the last days; The password change module is now splitted in frontend and backend module as the module design requires --- .../nagvis-js/classes/FrontendRequestHandler.php | 7 + .../server/core/classes/CoreModChangePassword.php | 118 ++++++++++++++++++++ 2 files changed, 125 insertions(+), 0 deletions(-)
diff --git a/share/frontend/nagvis-js/classes/FrontendRequestHandler.php b/share/frontend/nagvis-js/classes/FrontendRequestHandler.php
new file mode 100644
index 0000000..e8952cb
--- /dev/null
+++ b/share/frontend/nagvis-js/classes/FrontendRequestHandler.php
@@ -0,0 +1,7 @@
+<?php
+class FrontendRequestHandler extends CoreRequestHandler {
+ public function __construct($aOptions) {
+ parent::__construct($aOptions);
+ }
+}
+?>
diff --git a/share/server/core/classes/CoreModChangePassword.php b/share/server/core/classes/CoreModChangePassword.php
new file mode 100644
index 0000000..f8eabd7
--- /dev/null
+++ b/share/server/core/classes/CoreModChangePassword.php
@@ -0,0 +1,118 @@
+<?php
+class CoreModChangePassword extends CoreModule {
+ protected $CORE;
+ protected $FHANDLER;
+
+ public function __construct($CORE) {
+ $this->CORE = $CORE;
+
+ $this->aActions = Array('change' => REQUIRES_AUTHORISATION);
+
+ $this->FHANDLER = new CoreRequestHandler($_POST);
+ }
+
+ public function handleAction() {
+ $sReturn = '';
+
+ if($this->offersAction($this->sAction)) {
+ switch($this->sAction) {
+ case 'change':
+ // Check if user is already authenticated
+ if(isset($this->AUTHENTICATION) && $this->AUTHENTICATION->isAuthenticated()) {
+ $aReturn = $this->handleResponse();
+
+ if($aReturn !== false) {
+ // Reset the authentication check. Without this the cached result
+ // would prevent the authentication check with the given credentials
+ $this->AUTHENTICATION->resetAuthCheck();
+
+ // Set new passwords in authentication module
+ $this->AUTHENTICATION->passNewPassword($aReturn);
+
+ // Try to apply the changes
+ if($this->AUTHENTICATION->changePassword()) {
+ $sReturn = json_encode(Array('status' => 'OK', 'message' => $this->CORE->getLang()->getText('The password has been changed.')));
+ } else {
+ // Invalid credentials
+ $sReturn = $this->msgPasswordNotChanged();
+ }
+ } else {
+ $sReturn = $this->msgInputNotValid();
+ }
+ } else {
+ // When the user is not authenticated redirect to start page (overview)
+ Header('Location:'.$this->CORE->getMainCfg()->getValue('paths', 'htmlbase'));
+ }
+ break;
+ }
+ }
+
+ return $sReturn;
+ }
+
+ private function handleResponse() {
+ $bValid = true;
+ // Validate the response
+
+ // Check for needed params
+ if($bValid && !$this->FHANDLER->isSetAndNotEmpty('passwordOld')) {
+ $bValid = false;
+ }
+ if($bValid && !$this->FHANDLER->isSetAndNotEmpty('passwordNew1')) {
+ $bValid = false;
+ }
+ if($bValid && !$this->FHANDLER->isSetAndNotEmpty('passwordNew2')) {
+ $bValid = false;
+ }
+
+ // Check length limits
+ if($bValid && $this->FHANDLER->isLongerThan('passwordOld', AUTH_MAX_PASSWORD_LENGTH)) {
+ $bValid = false;
+ }
+ if($bValid && $this->FHANDLER->isLongerThan('passwordNew1', AUTH_MAX_PASSWORD_LENGTH)) {
+ $bValid = false;
+ }
+ if($bValid && $this->FHANDLER->isLongerThan('passwordNew2', AUTH_MAX_PASSWORD_LENGTH)) {
+ $bValid = false;
+ }
+
+ // Check if new passwords are equal
+ if($bValid && $this->FHANDLER->get('passwordNew1') !== $this->FHANDLER->get('passwordNew2')) {
+ new GlobalMessage('ERROR', $this->CORE->getLang()->getText('The two new passwords are not equal.'));
+
+ $bValid = false;
+ }
+
+ // Check if old and new passwords are equal
+ if($bValid && $this->FHANDLER->get('passwordOld') === $this->FHANDLER->get('passwordNew1')) {
+ new GlobalMessage('ERROR', $this->CORE->getLang()->getText('The new and old passwords are equal. Won\'t change anything.'));
+
+ $bValid = false;
+ }
+
+ //@todo Escape vars?
+
+ // Store response data
+ if($bValid === true) {
+ // Return the data
+ return Array(
+ 'user' => $this->AUTHENTICATION->getUser(),
+ 'password' => $this->FHANDLER->get('passwordOld'),
+ 'passwordNew' => $this->FHANDLER->get('passwordNew1'));
+ } else {
+ return false;
+ }
+ }
+
+ public function msgInputNotValid() {
+ new GlobalMessage('ERROR', $this->CORE->getLang()->getText('You entered invalid information.'));
+ return '';
+ }
+
+ public function msgPasswordNotChanged() {
+ new GlobalMessage('ERROR', $this->CORE->getLang()->getText('The password could not be changed.'));
+ return '';
+ }
+}
+
+?>
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Nagvis-checkins mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nagvis-checkins
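Review bot: In `handleAction()` the unauthenticated branch only sets `Header('Location:'...)` and then falls through to `return $sReturn`, so whether the request really stops there depends on the caller, which is outside this hunk; returning right after the header, or ending the request with `exit;`, would make the redirect the last thing this action does. The open `//@todo Escape vars?` in `handleResponse()` is better settled as a comment than left as a question: `// Passwords are passed on unmodified; escaping here would change the secret. Escape only where a value is written to HTML or a query.` A failed `changePassword()` ends in `msgPasswordNotChanged()` with nothing visible here that records or limits the attempt, so a log entry naming the user on that branch would help detect repeated guesses of the current password from an already open session. Both new files also end with `?>`; dropping the closing tag avoids stray trailing output being sent before a later `Header()` call.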
