WebSVN – oidplus – Blame – /trunk/plugins/raPages/101_change_password/plugin.inc.php

Rev	Author	Line No.	Line
61	daniel-mar	1	<?php
		2
		3	/*
		4	* OIDplus 2.0
		5	* Copyright 2019 Daniel Marschall, ViaThinkSoft
		6	*
		7	* Licensed under the Apache License, Version 2.0 (the "License");
		8	* you may not use this file except in compliance with the License.
		9	* You may obtain a copy of the License at
		10	*
		11	* http://www.apache.org/licenses/LICENSE-2.0
		12	*
		13	* Unless required by applicable law or agreed to in writing, software
		14	* distributed under the License is distributed on an "AS IS" BASIS,
		15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		16	* See the License for the specific language governing permissions and
		17	* limitations under the License.
		18	*/
		19
112	daniel-mar	20	if (!defined('IN_OIDPLUS')) die();
		21
61	daniel-mar	22	class OIDplusPageRaChangePassword extends OIDplusPagePlugin {
		23	public function type() {
		24	return 'ra';
		25	}
		26
		27	public function priority() {
		28	return 101;
		29	}
		30
		31	public function action(&$handled) {
107	daniel-mar	32	if (isset($_POST["action"]) && ($_POST["action"] == "change_ra_password")) {
61	daniel-mar	33	$handled = true;
		34
		35	$email = $_POST['email'];
		36
150	daniel-mar	37	$res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = ?", array($email));
61	daniel-mar	38	if (OIDplus::db()->num_rows($res) == 0) {
107	daniel-mar	39	die(json_encode(array("error" => 'RA does not exist')));
61	daniel-mar	40	}
		41
		42	if (!OIDplus::authUtils()::isRaLoggedIn($email) && !OIDplus::authUtils()::isAdminLoggedIn()) {
107	daniel-mar	43	die(json_encode(array("error" => 'Authentification error. Please log in as the RA to update its data.')));
61	daniel-mar	44	}
		45
		46	$old_password = $_POST['old_password'];
		47	$password1 = $_POST['new_password1'];
		48	$password2 = $_POST['new_password2'];
		49
		50	if ($password1 !== $password2) {
107	daniel-mar	51	die(json_encode(array("error" => 'Passwords are not equal')));
61	daniel-mar	52	}
		53
		54	if (strlen($password1) < OIDplus::config()->minRaPasswordLength()) {
107	daniel-mar	55	die(json_encode(array("error" => 'New password is too short. Minimum password length: '.OIDplus::config()->minRaPasswordLength())));
61	daniel-mar	56	}
		57
		58	$ra = new OIDplusRA($email);
		59	if (!$ra->checkPassword($old_password)) {
107	daniel-mar	60	die(json_encode(array("error" => 'Old password incorrect')));
61	daniel-mar	61	}
115	daniel-mar	62	OIDplus::logger()->log("RA($email)?/A?", "Password of RA '$email' changed");
61	daniel-mar	63	$ra->change_password($password1);
		64
107	daniel-mar	65	echo json_encode(array("status" => 0));
61	daniel-mar	66	}
		67	}
		68
75	daniel-mar	69	public function init($html=true) {
61	daniel-mar	70	// Nothing
		71	}
		72
		73	public function cfgSetValue($name, $value) {
		74	// Nothing
		75	}
		76
		77	public function gui($id, &$out, &$handled) {
		78	if (explode('$',$id)[0] == 'oidplus:change_ra_password') {
		79	$handled = true;
		80	$out['title'] = 'Change RA password';
148	daniel-mar	81	$out['icon'] = file_exists(__DIR__.'/icon_big.png') ? 'plugins/'.basename(dirname(__DIR__)).'/'.basename(__DIR__).'/icon_big.png' : '';
61	daniel-mar	82
		83	$ra_email = explode('$',$id)[1];
		84
150	daniel-mar	85	$res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = ?", array($ra_email));
61	daniel-mar	86	if (OIDplus::db()->num_rows($res) == 0) {
		87	$out['icon'] = 'img/error_big.png';
		88	$out['text'] = 'RA <b>'.htmlentities($ra_email).'</b> does not exist';
		89	return $out;
		90	}
		91
		92	if (!OIDplus::authUtils()::isRaLoggedIn($ra_email) && !OIDplus::authUtils()::isAdminLoggedIn()) {
		93	$out['icon'] = 'img/error_big.png';
107	daniel-mar	94	$out['text'] .= '<p>You need to <a '.oidplus_link('oidplus:login').'>log in</a> as the requested RA <b>'.htmlentities($ra_email).'</b>.</p>';
61	daniel-mar	95	} else {
		96	$out['text'] .= '<form id="raChangePasswordForm" onsubmit="return raChangePasswordFormOnSubmit();">';
		97	$out['text'] .= '<input type="hidden" id="email" value="'.htmlentities($ra_email).'"/><br>';
		98	$out['text'] .= '<label class="padding_label">Old password:</label><input type="password" id="old_password" value=""/><br>';
		99	$out['text'] .= '<label class="padding_label">New password:</label><input type="password" id="new_password1" value=""/><br>';
		100	$out['text'] .= '<label class="padding_label">Again:</label><input type="password" id="new_password2" value=""/><br><br>';
		101	$out['text'] .= '<input type="submit" value="Change password"></form>';
		102	}
		103	}
		104	}
		105
106	daniel-mar	106	public function tree(&$json, $ra_email=null, $nonjs=false, $req_goto='') {
61	daniel-mar	107	if (file_exists(__DIR__.'/treeicon.png')) {
148	daniel-mar	108	$tree_icon = 'plugins/'.basename(dirname(__DIR__)).'/'.basename(__DIR__).'/treeicon.png';
61	daniel-mar	109	} else {
		110	$tree_icon = null; // default icon (folder)
		111	}
		112
		113	$json[] = array(
		114	'id' => 'oidplus:change_ra_password$'.$ra_email,
		115	'icon' => $tree_icon,
		116	'text' => 'Change password'
		117	);
104	daniel-mar	118
		119	return true;
61	daniel-mar	120	}
108	daniel-mar	121
		122	public function tree_search($request) {
		123	return false;
		124	}
61	daniel-mar	125	}
		126
		127	OIDplus::registerPagePlugin(new OIDplusPageRaChangePassword());

Subversion Repositories oidplus

oidplus/trunk/plugins/raPages/101_change_password/plugin.inc.php – Rev 150