WebSVN – oidplus – Diff – /trunk/plugins/viathinksoft/raPages/101_change_password/OIDplusPageRaChangePassword.class.php


<?php
 
/*
 * OIDplus 2.0
 * Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 
namespace ViaThinkSoft\OIDplus;
 
// phpcs:disable PSR1.Files.SideEffects
\defined('INSIDE_OIDPLUS') or die;
// phpcs:enable PSR1.Files.SideEffects
 
class OIDplusPageRaChangePassword extends OIDplusPagePluginRa {
 
        /**
         * @param string $actionID
         * @param array $params
         * @return array
         * @throws OIDplusException
         */
        public function action(string $actionID, array $params): array {
                if ($actionID == 'change_ra_password') {
                        _CheckParamExists($params, 'email');
 
                        $email = $params['email'];
 
                        $res = OIDplus::db()->query("select * from ###ra where email = ?", array($email));
                        if (!$res->any()) {
                                throw new OIDplusException(_L('RA does not exist'));
                        }
 
                        if (!OIDplus::authUtils()->isRaLoggedIn($email) && !OIDplus::authUtils()->isAdminLoggedIn()) {
                                throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its data.'));
                        }
 
                        if (!OIDplus::authUtils()->isAdminLoggedIn()) {
                                _CheckParamExists($params, 'old_password');
                                $old_password = $params['old_password'];
                        } else {
                                $old_password = '';
                        }
 
                        _CheckParamExists($params, 'new_password1');
                        _CheckParamExists($params, 'new_password2');
 
                        $password1 = $params['new_password1'];
                        $password2 = $params['new_password2'];
 
                        if ($password1 !== $password2) {
                                throw new OIDplusException(_L('Passwords do not match'));
                        }
 
                        if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) {
                                $minlen = OIDplus::config()->getValue('ra_min_password_length');
                                throw new OIDplusException(_L('New password is too short. Minimum password length: %1',$minlen));
                        }
 
                        $ra = new OIDplusRA($email);
                        if (!$ra->isPasswordLess()) {
                                if (!OIDplus::authUtils()->isAdminLoggedIn()) {
                                        if (!$ra->checkPassword($old_password)) {
                                                throw new OIDplusException(_L('Old password incorrect'));
                                        }
                                }
                                OIDplus::logger()->log("[?WARN/!OK]RA($email)?/[?INFO/!OK]A?", "Password of RA '$email' changed");
                        } else {
                                OIDplus::logger()->log("[?WARN/!OK]RA($email)?/[?INFO/!OK]A?", "Password of RA '$email' created");
                        }
                        $ra->change_password($password1);
 
                        return array("status" => 0);
                } else {
                        return parent::action($actionID, $params);
                }
        }
 
        /**
         * @param bool $html
         * @return void
         */
        public function init(bool $html=true) {
                // Nothing
        }
 
        /**
         * @param string $id
         * @param array $out
         * @param bool $handled
         * @return void
         * @throws OIDplusException
         */
        public function gui(string $id, array &$out, bool &$handled) {
                if (explode('$',$id)[0] == 'oidplus:change_ra_password') {
                        $handled = true;
 
                        $ra_email = explode('$',$id)[1];
                        $ra = new OIDplusRA($ra_email);
 
                        $out['title'] = $ra->isPasswordLess() ? _L('Create password') : _L('Change RA password');
                        $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : '';
 
                        if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) {
                                $out['icon'] = 'img/error.png';
                                $out['text'] = '<p>'._L('You need to <a %1>log in</a> as the requested RA %2.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>').'</p>';
                                return;
                        }
 
                        $res = OIDplus::db()->query("select * from ###ra where email = ?", array($ra_email));
                        if (!$res->any()) {
                                $out['icon'] = 'img/error.png';
                                $out['text'] = _L('RA "%1" does not exist','<b>'.htmlentities($ra_email).'</b>');
                                return;
                        }
 
                        $out['text'] .= '<form id="raChangePasswordForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaChangePassword.raChangePasswordFormOnSubmit();">';
                        $out['text'] .= '<input type="hidden" id="email" value="'.htmlentities($ra_email).'"/><br>';
                        $out['text'] .= '<div><label class="padding_label">'._L('E-Mail').':</label><b>'.htmlentities($ra_email).'</b></div>';
                        if (!$ra->isPasswordLess()) {
                                if (OIDplus::authUtils()->isAdminLoggedIn()) {
                                        $out['text'] .= '<div><label class="padding_label">'._L('Old password').':</label><i>'._L('Admin can change the password without verification of the old password.').'</i></div>';
                                } else {
                                        $out['text'] .= '<div><label class="padding_label">'._L('Old password').':</label><input type="password" id="old_password" value=""/></div>';
                                }
                        }
                        $out['text'] .= '<div><label class="padding_label">'._L('New password').':</label><input type="password" id="new_password1" value=""/></div>';
                        $out['text'] .= '<div><label class="padding_label">'._L('Repeat').':</label><input type="password" id="new_password2" value=""/></div>';
                        $out['text'] .= '<br><input type="submit" value="'.($ra->isPasswordLess() ? _L('Create password') : _L('Change password')).'"></form>';
                }
        }
 
        /**
         * @param array $json
         * @param string|null $ra_email
         * @param bool $nonjs
         * @param string $req_goto
         * @return bool
         * @throws OIDplusException
         */
        public function tree(array &$json, string $ra_email=null, bool $nonjs=false, string $req_goto=''): bool {
                if (!$ra_email) return false;
                if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) return false;
 
                if (file_exists(__DIR__.'/img/main_icon16.png')) {
                        $tree_icon = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png';
                } else {
                        $tree_icon = null; // default icon (folder)
                }
 
                $ra = new OIDplusRA($ra_email);
 
                $json[] = array(
                        'id' => 'oidplus:change_ra_password$'.$ra_email,
                        'icon' => $tree_icon,
                        'text' => $ra->isPasswordLess() ? _L('Create password') : _L('Change password')
                );
 
                return true;
        }
 
        /**
         * @param string $request
         * @return array|false
         */
        public function tree_search(string $request) {
                return false;
        }
}
 

Subversion Repositories oidplus

oidplus/trunk/plugins/viathinksoft/raPages/101_change_password/OIDplusPageRaChangePassword.class.php – Rev 1116 → 1143

Rev 1116		Rev 1143
1	<?php	1	<?php
2		2
3	/*	3	/*
4	* OIDplus 2.0	4	* OIDplus 2.0
5	* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft	5	* Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
6	*	6	*
7	* Licensed under the Apache License, Version 2.0 (the "License");	7	* Licensed under the Apache License, Version 2.0 (the "License");
8	* you may not use this file except in compliance with the License.	8	* you may not use this file except in compliance with the License.
9	* You may obtain a copy of the License at	9	* You may obtain a copy of the License at
10	*	10	*
11	* http://www.apache.org/licenses/LICENSE-2.0	11	* http://www.apache.org/licenses/LICENSE-2.0
12	*	12	*
13	* Unless required by applicable law or agreed to in writing, software	13	* Unless required by applicable law or agreed to in writing, software
14	* distributed under the License is distributed on an "AS IS" BASIS,	14	* distributed under the License is distributed on an "AS IS" BASIS,
15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.	15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16	* See the License for the specific language governing permissions and	16	* See the License for the specific language governing permissions and
17	* limitations under the License.	17	* limitations under the License.
18	*/	18	*/
19		19
20	namespace ViaThinkSoft\OIDplus;	20	namespace ViaThinkSoft\OIDplus;
21		21
22	// phpcs:disable PSR1.Files.SideEffects	22	// phpcs:disable PSR1.Files.SideEffects
23	\defined('INSIDE_OIDPLUS') or die;	23	\defined('INSIDE_OIDPLUS') or die;
24	// phpcs:enable PSR1.Files.SideEffects	24	// phpcs:enable PSR1.Files.SideEffects
25		25
26	class OIDplusPageRaChangePassword extends OIDplusPagePluginRa {	26	class OIDplusPageRaChangePassword extends OIDplusPagePluginRa {
27		27
28	/**	28	/**
29	* @param string $actionID	29	* @param string $actionID
30	* @param array $params	30	* @param array $params
31	* @return int[]	31	* @return array
32	* @throws OIDplusException	32	* @throws OIDplusException
33	*/	33	*/
34	public function action(string $actionID, array $params): array {	34	public function action(string $actionID, array $params): array {
35	if ($actionID == 'change_ra_password') {	35	if ($actionID == 'change_ra_password') {
36	_CheckParamExists($params, 'email');	36	_CheckParamExists($params, 'email');
37		37
38	$email = $params['email'];	38	$email = $params['email'];
39		39
40	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email));	40	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($email));
41	if (!$res->any()) {	41	if (!$res->any()) {
42	throw new OIDplusException(_L('RA does not exist'));	42	throw new OIDplusException(_L('RA does not exist'));
43	}	43	}
44		44
45	if (!OIDplus::authUtils()->isRaLoggedIn($email) && !OIDplus::authUtils()->isAdminLoggedIn()) {	45	if (!OIDplus::authUtils()->isRaLoggedIn($email) && !OIDplus::authUtils()->isAdminLoggedIn()) {
46	throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its data.'));	46	throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its data.'));
47	}	47	}
48		48
49	if (!OIDplus::authUtils()->isAdminLoggedIn()) {	49	if (!OIDplus::authUtils()->isAdminLoggedIn()) {
50	_CheckParamExists($params, 'old_password');	50	_CheckParamExists($params, 'old_password');
51	$old_password = $params['old_password'];	51	$old_password = $params['old_password'];
52	} else {	52	} else {
53	$old_password = '';	53	$old_password = '';
54	}	54	}
55		55
56	_CheckParamExists($params, 'new_password1');	56	_CheckParamExists($params, 'new_password1');
57	_CheckParamExists($params, 'new_password2');	57	_CheckParamExists($params, 'new_password2');
58		58
59	$password1 = $params['new_password1'];	59	$password1 = $params['new_password1'];
60	$password2 = $params['new_password2'];	60	$password2 = $params['new_password2'];
61		61
62	if ($password1 !== $password2) {	62	if ($password1 !== $password2) {
63	throw new OIDplusException(_L('Passwords do not match'));	63	throw new OIDplusException(_L('Passwords do not match'));
64	}	64	}
65		65
66	if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) {	66	if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) {
67	$minlen = OIDplus::config()->getValue('ra_min_password_length');	67	$minlen = OIDplus::config()->getValue('ra_min_password_length');
68	throw new OIDplusException(_L('New password is too short. Minimum password length: %1',$minlen));	68	throw new OIDplusException(_L('New password is too short. Minimum password length: %1',$minlen));
69	}	69	}
70		70
71	$ra = new OIDplusRA($email);	71	$ra = new OIDplusRA($email);
72	if (!$ra->isPasswordLess()) {	72	if (!$ra->isPasswordLess()) {
73	if (!OIDplus::authUtils()->isAdminLoggedIn()) {	73	if (!OIDplus::authUtils()->isAdminLoggedIn()) {
74	if (!$ra->checkPassword($old_password)) {	74	if (!$ra->checkPassword($old_password)) {
75	throw new OIDplusException(_L('Old password incorrect'));	75	throw new OIDplusException(_L('Old password incorrect'));
76	}	76	}
77	}	77	}
78	OIDplus::logger()->log("[?WARN/!OK]RA($email)?/[?INFO/!OK]A?", "Password of RA '$email' changed");	78	OIDplus::logger()->log("[?WARN/!OK]RA($email)?/[?INFO/!OK]A?", "Password of RA '$email' changed");
79	} else {	79	} else {
80	OIDplus::logger()->log("[?WARN/!OK]RA($email)?/[?INFO/!OK]A?", "Password of RA '$email' created");	80	OIDplus::logger()->log("[?WARN/!OK]RA($email)?/[?INFO/!OK]A?", "Password of RA '$email' created");
81	}	81	}
82	$ra->change_password($password1);	82	$ra->change_password($password1);
83		83
84	return array("status" => 0);	84	return array("status" => 0);
85	} else {	85	} else {
86	return parent::action($actionID, $params);	86	return parent::action($actionID, $params);
87	}	87	}
88	}	88	}
89		89
90	/**	90	/**
91	* @param bool $html	91	* @param bool $html
92	* @return void	92	* @return void
93	*/	93	*/
94	public function init(bool $html=true) {	94	public function init(bool $html=true) {
95	// Nothing	95	// Nothing
96	}	96	}
97		97
98	/**	98	/**
99	* @param string $id	99	* @param string $id
100	* @param array $out	100	* @param array $out
101	* @param bool $handled	101	* @param bool $handled
102	* @return void	102	* @return void
103	* @throws OIDplusException	103	* @throws OIDplusException
104	*/	104	*/
105	public function gui(string $id, array &$out, bool &$handled) {	105	public function gui(string $id, array &$out, bool &$handled) {
106	if (explode('$',$id)[0] == 'oidplus:change_ra_password') {	106	if (explode('$',$id)[0] == 'oidplus:change_ra_password') {
107	$handled = true;	107	$handled = true;
108		108
109	$ra_email = explode('$',$id)[1];	109	$ra_email = explode('$',$id)[1];
110	$ra = new OIDplusRA($ra_email);	110	$ra = new OIDplusRA($ra_email);
111		111
112	$out['title'] = $ra->isPasswordLess() ? _L('Create password') : _L('Change RA password');	112	$out['title'] = $ra->isPasswordLess() ? _L('Create password') : _L('Change RA password');
113	$out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : '';	113	$out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : '';
114		114
115	if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) {	115	if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) {
116	$out['icon'] = 'img/error.png';	116	$out['icon'] = 'img/error.png';
117	$out['text'] = '<p>'._L('You need to <a %1>log in</a> as the requested RA %2.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>').'</p>';	117	$out['text'] = '<p>'._L('You need to <a %1>log in</a> as the requested RA %2.',OIDplus::gui()->link('oidplus:login$ra$'.$ra_email),'<b>'.htmlentities($ra_email).'</b>').'</p>';
118	return;	118	return;
119	}	119	}
120		120
121	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($ra_email));	121	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($ra_email));
122	if (!$res->any()) {	122	if (!$res->any()) {
123	$out['icon'] = 'img/error.png';	123	$out['icon'] = 'img/error.png';
124	$out['text'] = _L('RA "%1" does not exist','<b>'.htmlentities($ra_email).'</b>');	124	$out['text'] = _L('RA "%1" does not exist','<b>'.htmlentities($ra_email).'</b>');
125	return;	125	return;
126	}	126	}
127		127
128	$out['text'] .= '<form id="raChangePasswordForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaChangePassword.raChangePasswordFormOnSubmit();">';	128	$out['text'] .= '<form id="raChangePasswordForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaChangePassword.raChangePasswordFormOnSubmit();">';
129	$out['text'] .= '<input type="hidden" id="email" value="'.htmlentities($ra_email).'"/><br>';	129	$out['text'] .= '<input type="hidden" id="email" value="'.htmlentities($ra_email).'"/><br>';
130	$out['text'] .= '<div><label class="padding_label">'._L('E-Mail').':</label><b>'.htmlentities($ra_email).'</b></div>';	130	$out['text'] .= '<div><label class="padding_label">'._L('E-Mail').':</label><b>'.htmlentities($ra_email).'</b></div>';
131	if (!$ra->isPasswordLess()) {	131	if (!$ra->isPasswordLess()) {
132	if (OIDplus::authUtils()->isAdminLoggedIn()) {	132	if (OIDplus::authUtils()->isAdminLoggedIn()) {
133	$out['text'] .= '<div><label class="padding_label">'._L('Old password').':</label><i>'._L('Admin can change the password without verification of the old password.').'</i></div>';	133	$out['text'] .= '<div><label class="padding_label">'._L('Old password').':</label><i>'._L('Admin can change the password without verification of the old password.').'</i></div>';
134	} else {	134	} else {
135	$out['text'] .= '<div><label class="padding_label">'._L('Old password').':</label><input type="password" id="old_password" value=""/></div>';	135	$out['text'] .= '<div><label class="padding_label">'._L('Old password').':</label><input type="password" id="old_password" value=""/></div>';
136	}	136	}
137	}	137	}
138	$out['text'] .= '<div><label class="padding_label">'._L('New password').':</label><input type="password" id="new_password1" value=""/></div>';	138	$out['text'] .= '<div><label class="padding_label">'._L('New password').':</label><input type="password" id="new_password1" value=""/></div>';
139	$out['text'] .= '<div><label class="padding_label">'._L('Repeat').':</label><input type="password" id="new_password2" value=""/></div>';	139	$out['text'] .= '<div><label class="padding_label">'._L('Repeat').':</label><input type="password" id="new_password2" value=""/></div>';
140	$out['text'] .= '<br><input type="submit" value="'.($ra->isPasswordLess() ? _L('Create password') : _L('Change password')).'"></form>';	140	$out['text'] .= '<br><input type="submit" value="'.($ra->isPasswordLess() ? _L('Create password') : _L('Change password')).'"></form>';
141	}	141	}
142	}	142	}
143		143
144	/**	144	/**
145	* @param array $json	145	* @param array $json
146	* @param string\|null $ra_email	146	* @param string\|null $ra_email
147	* @param bool $nonjs	147	* @param bool $nonjs
148	* @param string $req_goto	148	* @param string $req_goto
149	* @return bool	149	* @return bool
150	* @throws OIDplusException	150	* @throws OIDplusException
151	*/	151	*/
152	public function tree(array &$json, string $ra_email=null, bool $nonjs=false, string $req_goto=''): bool {	152	public function tree(array &$json, string $ra_email=null, bool $nonjs=false, string $req_goto=''): bool {
153	if (!$ra_email) return false;	153	if (!$ra_email) return false;
154	if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) return false;	154	if (!OIDplus::authUtils()->isRaLoggedIn($ra_email) && !OIDplus::authUtils()->isAdminLoggedIn()) return false;
155		155
156	if (file_exists(__DIR__.'/img/main_icon16.png')) {	156	if (file_exists(__DIR__.'/img/main_icon16.png')) {
157	$tree_icon = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png';	157	$tree_icon = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png';
158	} else {	158	} else {
159	$tree_icon = null; // default icon (folder)	159	$tree_icon = null; // default icon (folder)
160	}	160	}
161		161
162	$ra = new OIDplusRA($ra_email);	162	$ra = new OIDplusRA($ra_email);
163		163
164	$json[] = array(	164	$json[] = array(
165	'id' => 'oidplus:change_ra_password$'.$ra_email,	165	'id' => 'oidplus:change_ra_password$'.$ra_email,
166	'icon' => $tree_icon,	166	'icon' => $tree_icon,
167	'text' => $ra->isPasswordLess() ? _L('Create password') : _L('Change password')	167	'text' => $ra->isPasswordLess() ? _L('Create password') : _L('Change password')
168	);	168	);
169		169
170	return true;	170	return true;
171	}	171	}
172		172
173	/**	173	/**
174	* @param string $request	174	* @param string $request
175	* @return array\|false	175	* @return array\|false
176	*/	176	*/
177	public function tree_search(string $request) {	177	public function tree_search(string $request) {
178	return false;	178	return false;
179	}	179	}
180	}	180	}
181		181