[Ltb-changes] r68 - in self-service-password/trunk: . pages

coudot at ltb-project.org coudot at ltb-project.org
Fri Apr 16 10:19:39 CEST 2010


Author: coudot
Date: 2010-04-16 10:19:39 +0200 (Fri, 16 Apr 2010)
New Revision: 68

Added:
   self-service-password/trunk/pages/setquestions.php
Modified:
   self-service-password/trunk/config.inc.php
   self-service-password/trunk/functions.inc.php
   self-service-password/trunk/lang.inc.php
Log:
#181: page to set question/answer

Modified: self-service-password/trunk/config.inc.php
===================================================================
--- self-service-password/trunk/config.inc.php	2010-04-15 09:43:00 UTC (rev 67)
+++ self-service-password/trunk/config.inc.php	2010-04-16 08:19:39 UTC (rev 68)
@@ -76,6 +76,11 @@
 # manager: the above binddn
 $who_change_password = "user";
 
+# Questions/answers
+# Answer attribute should be hidden to users!
+$answer_objectClass = "extensibleObject";
+$answer_attribute = "info";
+
 # Language
 $lang ="en";
 
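Review bot: The comment above `$answer_attribute` says the value should be hidden from users but does not say how or why. In this same revision, setquestions.php writes the answer in clear text as `{question}answer` into that attribute. The default `info` is a general-purpose attribute that a directory's access rules may well leave readable to other users, which should be confirmed per deployment. I would make the requirement explicit, for example `# The answer is stored in clear text: restrict read access on this attribute with a directory ACL`, and add a second line recommending a dedicated attribute over `info`.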

Modified: self-service-password/trunk/functions.inc.php
===================================================================
--- self-service-password/trunk/functions.inc.php	2010-04-15 09:43:00 UTC (rev 67)
+++ self-service-password/trunk/functions.inc.php	2010-04-16 08:19:39 UTC (rev 68)
@@ -86,11 +86,11 @@
 # Get message criticity
 function get_criticity( $msg ) {
 	
-	if ( ereg( "nophpldap|nophpmhash|ldaperror|nomatch|badcredentials|passworderror|tooshort|toobig|minlower|minupper|mindigit|minspecial|forbiddenchars" , $msg ) ) {
+	if ( ereg( "nophpldap|nophpmhash|ldaperror|nomatch|badcredentials|passworderror|tooshort|toobig|minlower|minupper|mindigit|minspecial|forbiddenchars|answermoderror" , $msg ) ) {
 		return "critical";
 	}
 	
-	if ( ereg( "(login|oldpassword|newpassword|confirmpassword)required" , $msg ) ) {
+	if ( ereg( "(login|oldpassword|newpassword|confirmpassword|answer|question|password)required" , $msg ) ) {
 		return "warning";
 	}
 
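Review bot: Both patterns in get_criticity are still matched with `ereg`, which is deprecated as of PHP 5.3, and they are unanchored. The new `password` alternative therefore already matches `oldpasswordrequired`, `newpasswordrequired` and `confirmpasswordrequired` by substring. An anchored `preg_match` states the intent more exactly, for example `if ( preg_match( "/^(login|oldpassword|newpassword|confirmpassword|answer|question|password)required$/" , $msg ) ) {`, with the same treatment for the critical list. This assumes `$msg` is always an exact message key, which the callers visible in this commit suggest. The function body continues past the end of the hunk.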

Modified: self-service-password/trunk/lang.inc.php
===================================================================
--- self-service-password/trunk/lang.inc.php	2010-04-15 09:43:00 UTC (rev 67)
+++ self-service-password/trunk/lang.inc.php	2010-04-16 08:19:39 UTC (rev 68)
@@ -54,6 +54,17 @@
 $messages['en']['policyminspecial'] = "Minimal special characters:";
 $messages['en']['forbiddenchars'] = "You password contains forbidden characters";
 $messages['en']['policyforbiddenchars'] = "Forbidden characters:";
+$messages['en']['questions']['birthday'] = "What is your birthday?";
+$messages['en']['questions']['color'] = "What is your favorite color?";
+$messages['en']['password'] = "Password";
+$messages['en']['question'] = "Question";
+$messages['en']['answer'] = "Answer";
+$messages['en']['setquestionshelp'] = "Initialize or change your password reset question/answer";
+$messages['en']['answerrequired'] = "No answer given";
+$messages['en']['questionrequired'] = "No question selected";
+$messages['en']['passwordrequired'] = "Your password is required";
+$messages['en']['answermoderror'] = "Your answer has not been registered";
+$messages['en']['answerchanged'] = "Your answer has been registered";
 
 #==============================================================================
 # French
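Review bot: The two predefined questions added here, `birthday` and `color`, are weak proof of identity: a birthday is often known to others and a favourite colour comes from a handful of common values. If the stored answer later gates a password reset, it is much weaker than the password it stands in for. Consider making the question list an administrator-configured setting, with a comment warning against questions whose answers are public or low-variety. The `de` hunk further down adds the same keys as empty strings, so a German-language page would show blank option labels and blank result messages; falling back to the `en` text until a translation exists would avoid that.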
@@ -90,6 +101,17 @@
 $messages['fr']['policyminspecial'] = "Nombre minimum de caractères spéciaux :";
 $messages['fr']['forbiddenchars'] = "Votre mot de passe contient des caractères interdits";
 $messages['fr']['policyforbiddenchars'] = "Caractères interdits :";
+$messages['fr']['questions']['birthday'] = "Quelle est votre date de naissance ?";
+$messages['fr']['questions']['color'] = "Quelle est votre couleur préférée ?";
+$messages['fr']['password'] = "Mot de passe";
+$messages['fr']['question'] = "Question";
+$messages['fr']['answer'] = "Réponse";
+$messages['fr']['setquestionshelp'] = "Initialisez ou changez votre question/réponse pour la réinitialisation de votre mot de passe";
+$messages['fr']['answerrequired'] = "Pas de réponse donnée";
+$messages['fr']['questionrequired'] = "Pas de question sélectionnée";
+$messages['fr']['passwordrequired'] = "Vous devez indiquer votre mot de passe";
+$messages['fr']['answermoderror'] = "Votre réponse n'a pas été enregistrée";
+$messages['fr']['answerchanged'] = "Votre réponse a été enregistrée";
 
 #==============================================================================
 # German
@@ -126,5 +148,16 @@
 $messages['de']['policyminspecial'] = "Minimale Anzahl Sonderzeichen:";
 $messages['de']['forbiddenchars'] = "Ihr Passwort enthält nicht erlaubte Zeichen";
 $messages['de']['policyforbiddenchars'] = "Nicht erlaubte Zeichen:";
+$messages['de']['questions']['birthday'] = "";
+$messages['de']['questions']['color'] = "";
+$messages['de']['password'] = "Passwort";
+$messages['de']['question'] = "";
+$messages['de']['answer'] = "";
+$messages['de']['setquestionshelp'] = "";
+$messages['de']['answerrequired'] = "";
+$messages['de']['questionrequired'] = "";
+$messages['de']['passwordrequired'] = "";
+$messages['de']['answermoderror'] = "";
+$messages['de']['answerchanged'] = "";
 
 ?>

Added: self-service-password/trunk/pages/setquestions.php
===================================================================
--- self-service-password/trunk/pages/setquestions.php	                        (rev 0)
+++ self-service-password/trunk/pages/setquestions.php	2010-04-16 08:19:39 UTC (rev 68)
@@ -0,0 +1,185 @@
+<?php
+#==============================================================================
+# LTB Self Service Password
+#
+# Copyright (C) 2009 Clement OUDOT
+# Copyright (C) 2009 LTB-project.org
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# GPL License: http://www.gnu.org/licenses/gpl.txt
+#
+#==============================================================================
+
+# This page is called to set answers for a user
+
+#==============================================================================
+# POST parameters
+#==============================================================================
+# Initiate vars
+$result = "";
+$login = "";
+$password = "";
+$question = "";
+$answer = "";
+$ldap = "";
+$userdn = "";
+
+if (isset($_POST["answer"]) and $_POST["answer"]) { $answer = $_POST["answer"]; }
+ else { $result = "answerrequired"; }
+if (isset($_POST["question"]) and $_POST["question"]) { $question = $_POST["question"]; }
+ else { $result = "questionrequired"; }
+if (isset($_POST["password"]) and $_POST["password"]) { $password = $_POST["password"]; }
+ else { $result = "passwordrequired"; }
+if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login = $_REQUEST["login"]; }
+ else { $result = "loginrequired"; }
+
+# Strip slashes added by PHP
+$login = stripslashes_if_gpc_magic_quotes($login);
+$password = stripslashes_if_gpc_magic_quotes($password);
+$question = stripslashes_if_gpc_magic_quotes($question);
+$answer = stripslashes_if_gpc_magic_quotes($answer);
+
+#==============================================================================
+# Check password
+#==============================================================================
+if ( $result === "" ) {
+
+    # Connect to LDAP
+    $ldap = ldap_connect($ldap_url);
+    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
+    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
+
+    # Bind
+    if ( isset($ldap_binddn) && isset($ldap_bindpw) ) {
+        $bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
+    } else {
+        $bind = ldap_bind($ldap);
+    }
+
+    $errno = ldap_errno($ldap);
+    if ( $errno ) {
+        $result = "ldaperror";
+        error_log("LDAP - Bind error $errno (".ldap_error($ldap).")");
+    } else {
+    
+    # Search for user
+    $ldap_filter = str_replace("{login}", $login, $ldap_filter);
+    $search = ldap_search($ldap, $ldap_base, $ldap_filter);
+
+    $errno = ldap_errno($ldap);
+    if ( $errno ) {
+        $result = "ldaperror";
+        error_log("LDAP - Search error $errno (".ldap_error($ldap).")");
+    } else {
+
+    # Get user DN
+    $entry = ldap_first_entry($ldap, $search);
+    $userdn = ldap_get_dn($ldap, $entry);
+
+    if( !$userdn ) {
+        $result = "badcredentials";
+        error_log("LDAP - User $login not found");
+    } else {
+    
+    # Bind with password
+    $bind = ldap_bind($ldap, $userdn, $password);
+    $errno = ldap_errno($ldap);
+    if ( $errno ) {
+        $result = "badcredentials";
+        error_log("LDAP - Bind user error $errno (".ldap_error($ldap).")");
+}}}}}
+
+#==============================================================================
+# Register answer
+#==============================================================================
+if ( $result === "" ) {
+
+    # Rebind as Manager if needed
+    if ( $who_change_password == "manager" ) {
+        $bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
+    }
+
+    # Check objectClass presence
+    $search = ldap_search($ldap, $userdn, "(objectClass=*)", array("objectClass") );
+ 
+    $errno = ldap_errno($ldap);
+    if ( $errno ) {
+        $result = "ldaperror";
+        error_log("LDAP - Search error $errno (".ldap_error($ldap).")");
+    } else {
+
+    # Get objectClass values from user entry
+    $entry = ldap_first_entry($ldap, $search);
+    $ocValues = ldap_get_values($ldap, $entry, "objectClass");
+
+    # Remove 'count' key
+    unset($ocValues["count"]);
+
+    if (! in_array( $answer_objectClass, $ocValues ) ) {
+
+        # Answer objectClass is not present, add it
+        array_push($ocValues, $answer_objectClass );
+        $ocValues = array_values( $ocValues );
+        $userdata["objectClass"] = $ocValues;
+    }
+
+    # Question/Answer
+    $userdata[$answer_attribute] = '{'.$question.'}'.$answer;
+
+    # Commit modification on directory
+    $replace = ldap_mod_replace($ldap, $userdn , $userdata);
+    
+    $errno = ldap_errno($ldap);
+    if ( $errno ) {
+        $result = "answermoderror";
+        error_log("LDAP - Modify answer (error $errno (".ldap_error($ldap).")");
+    } else {
+        $result = "answerchanged";
+    }
+
+}}
+
+#==============================================================================
+# HTML
+#==============================================================================
+?>
+
+<div class="result <?php echo get_criticity($result) ?>">
+<h2 class="<?php echo get_criticity($result) ?>"><?php echo $messages[$lang][$result]; ?></h2>
+</div>
+<?php if ( $result !== "answerchanged" ) { ?>
+<div class="help"><p><?php echo $messages[$lang]["setquestionshelp"]; ?></p></div>
+
+<form action="#" method="post">
+    <table>
+    <tr><th><?php echo $messages[$lang]["login"]; ?></th>
+    <td><input type="text" name="login" value="<?php echo htmlentities($login) ?>" /></td></tr>
+    <tr><th><?php echo $messages[$lang]["password"]; ?></th>
+    <td><input type="password" name="password" /></td></tr>
+    <tr><th><?php echo $messages[$lang]["question"]; ?></th>
+    <td>
+    <select name="question">
+<?php
+# Build options
+foreach ( $messages[$lang]["questions"] as $value => $text ) {
+    echo "<option value=\"$value\">$text</option>";
+}
+?>
+    </select>
+    </td></tr>
+    <tr><th><?php echo $messages[$lang]["answer"]; ?></th>
+    <td><input type="text" name="answer" /></td></tr>
+    <tr><td colspan="2">
+    <input type="submit" value="<?php echo $messages[$lang]['submit']; ?>" /></td></tr>
+    </table>
+</form>
+<?php } ?>
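Review bot: `$login` is substituted into `$ldap_filter` without escaping the RFC 4515 special characters, so the value read from `$_REQUEST` can change the search filter instead of only filling the `{login}` slot; escape it before the `str_replace`. `$question` is likewise written into the stored `{question}answer` value without being checked against the keys of `$messages[$lang]["questions"]`, so any posted string, including one containing `}`, ends up in the directory. The fence shows both checks and assumes `$messages` and `$lang` are already loaded at that point, as the HTML part of the file suggests. Separately, the answer is stored in clear text and `ldap_mod_replace` overwrites whatever `$answer_attribute` held before; both deserve a comment next to the `$userdata` assignment.

```php
# … unchanged: POST parameter reading and stripslashes …

# Only accept a question key that exists in the catalogue
if ( $result === "" and ( !is_string($question) or !isset($messages[$lang]["questions"][$question]) ) ) {
    $result = "questionrequired";
}

# … unchanged: LDAP connect and service bind …

    # Search for user, with RFC 4515 special characters escaped in the login
    $login_escaped = str_replace(
        array("\\", "*", "(", ")", "\0"),
        array("\\5c", "\\2a", "\\28", "\\29", "\\00"),
        $login );
    $ldap_filter = str_replace("{login}", $login_escaped, $ldap_filter);
    $search = ldap_search($ldap, $ldap_base, $ldap_filter);

# … unchanged: search error handling, user bind, answer registration, HTML form …
```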


