WebSVN – oidplus – Blame – /trunk/plugins/raPages/101_change_password/OIDplusPageRaChangePassword.class.php

Rev	Author	Line No.	Line
61	daniel-mar	1	<?php
		2
		3	/*
		4	* OIDplus 2.0
		5	* Copyright 2019 Daniel Marschall, ViaThinkSoft
		6	*
		7	* Licensed under the Apache License, Version 2.0 (the "License");
		8	* you may not use this file except in compliance with the License.
		9	* You may obtain a copy of the License at
		10	*
		11	* http://www.apache.org/licenses/LICENSE-2.0
		12	*
		13	* Unless required by applicable law or agreed to in writing, software
		14	* distributed under the License is distributed on an "AS IS" BASIS,
		15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		16	* See the License for the specific language governing permissions and
		17	* limitations under the License.
		18	*/
		19
256	daniel-mar	20	class OIDplusPageRaChangePassword extends OIDplusPagePluginRa {
61	daniel-mar	21
		22	public function action(&$handled) {
107	daniel-mar	23	if (isset($_POST["action"]) && ($_POST["action"] == "change_ra_password")) {
61	daniel-mar	24	$handled = true;
		25
		26	$email = $_POST['email'];
		27
261	daniel-mar	28	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email));
236	daniel-mar	29	if ($res->num_rows() == 0) {
250	daniel-mar	30	throw new OIDplusException('RA does not exist');
61	daniel-mar	31	}
		32
		33	if (!OIDplus::authUtils()::isRaLoggedIn($email) && !OIDplus::authUtils()::isAdminLoggedIn()) {
250	daniel-mar	34	throw new OIDplusException('Authentification error. Please log in as the RA or admin to update its data.');
61	daniel-mar	35	}
		36
152	daniel-mar	37	if (!OIDplus::authUtils()::isAdminLoggedIn()) {
		38	$old_password = $_POST['old_password'];
		39	}
61	daniel-mar	40	$password1 = $_POST['new_password1'];
		41	$password2 = $_POST['new_password2'];
		42
		43	if ($password1 !== $password2) {
250	daniel-mar	44	throw new OIDplusException('Passwords are not equal');
61	daniel-mar	45	}
		46
257	daniel-mar	47	if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) {
		48	throw new OIDplusException('New password is too short. Minimum password length: '.OIDplus::config()->getValue('ra_min_password_length'));
61	daniel-mar	49	}
		50
		51	$ra = new OIDplusRA($email);
152	daniel-mar	52	if (!OIDplus::authUtils()::isAdminLoggedIn()) {
		53	if (!$ra->checkPassword($old_password)) {
250	daniel-mar	54	throw new OIDplusException('Old password incorrect');
152	daniel-mar	55	}
61	daniel-mar	56	}
115	daniel-mar	57	OIDplus::logger()->log("RA($email)?/A?", "Password of RA '$email' changed");
61	daniel-mar	58	$ra->change_password($password1);
		59
107	daniel-mar	60	echo json_encode(array("status" => 0));
61	daniel-mar	61	}
		62	}
		63
75	daniel-mar	64	public function init($html=true) {
61	daniel-mar	65	// Nothing
		66	}
		67
		68	public function gui($id, &$out, &$handled) {
		69	if (explode('$',$id)[0] == 'oidplus:change_ra_password') {
		70	$handled = true;
281	daniel-mar	71
		72	$ra_email = explode('$',$id)[1];
		73
61	daniel-mar	74	$out['title'] = 'Change RA password';
241	daniel-mar	75	$out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';
61	daniel-mar	76
281	daniel-mar	77	if (!OIDplus::authUtils()::isRaLoggedIn($ra_email) && !OIDplus::authUtils()::isAdminLoggedIn()) {
		78	$out['icon'] = 'img/error_big.png';
		79	$out['text'] = '<p>You need to <a '.OIDplus::gui()->link('oidplus:login').'>log in</a> as the requested RA <b>'.htmlentities($ra_email).'</b>.</p>';
		80	return;
		81	}
61	daniel-mar	82
261	daniel-mar	83	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($ra_email));
236	daniel-mar	84	if ($res->num_rows() == 0) {
61	daniel-mar	85	$out['icon'] = 'img/error_big.png';
		86	$out['text'] = 'RA <b>'.htmlentities($ra_email).'</b> does not exist';
281	daniel-mar	87	return;
61	daniel-mar	88	}
		89
281	daniel-mar	90	$out['text'] .= '<form id="raChangePasswordForm" onsubmit="return raChangePasswordFormOnSubmit();">';
		91	$out['text'] .= '<input type="hidden" id="email" value="'.htmlentities($ra_email).'"/><br>';
		92	$out['text'] .= '<div><label class="padding_label">E-Mail:</label><b>'.htmlentities($ra_email).'</b></div>';
		93	if (OIDplus::authUtils()::isAdminLoggedIn()) {
		94	$out['text'] .= '<div><label class="padding_label">Old password:</label><i>Admin can change the password without verification of the old password.</i></div>';
61	daniel-mar	95	} else {
281	daniel-mar	96	$out['text'] .= '<div><label class="padding_label">Old password:</label><input type="password" id="old_password" value=""/></div>';
61	daniel-mar	97	}
281	daniel-mar	98	$out['text'] .= '<div><label class="padding_label">New password:</label><input type="password" id="new_password1" value=""/></div>';
		99	$out['text'] .= '<div><label class="padding_label">Repeat:</label><input type="password" id="new_password2" value=""/></div>';
		100	$out['text'] .= '<br><input type="submit" value="Change password"></form>';
61	daniel-mar	101	}
		102	}
		103
106	daniel-mar	104	public function tree(&$json, $ra_email=null, $nonjs=false, $req_goto='') {
281	daniel-mar	105	if (!$ra_email) return false;
		106	if (!OIDplus::authUtils()::isRaLoggedIn($ra_email) && !OIDplus::authUtils()::isAdminLoggedIn()) return false;
		107
61	daniel-mar	108	if (file_exists(__DIR__.'/treeicon.png')) {
241	daniel-mar	109	$tree_icon = OIDplus::webpath(__DIR__).'treeicon.png';
61	daniel-mar	110	} else {
		111	$tree_icon = null; // default icon (folder)
		112	}
		113
		114	$json[] = array(
		115	'id' => 'oidplus:change_ra_password$'.$ra_email,
		116	'icon' => $tree_icon,
		117	'text' => 'Change password'
		118	);
104	daniel-mar	119
		120	return true;
61	daniel-mar	121	}
108	daniel-mar	122
		123	public function tree_search($request) {
		124	return false;
		125	}
61	daniel-mar	126	}

Subversion Repositories oidplus

oidplus/trunk/plugins/raPages/101_change_password/OIDplusPageRaChangePassword.class.php – Rev 281