Ejemplo n.º 1
  	// Copy each submitted field into a local variable after running it through
  	// HTMLPurifier. Optional fields stay undefined when absent; string_auth and
  	// string_auth1 fall back to an empty string.
  	// NOTE(review): purify() cleans a value as an HTML fragment. It is not a format
  	// check for a date, sex or category, and the result still needs escaping where
  	// it is printed inside an HTML attribute.
  	if (isset($_POST['prenom'])) {
  		$prenom = $purifier->purify($_POST['prenom']);
  	}
  	if (isset($_POST['naissance'])) {
  		$naissance = $purifier->purify($_POST['naissance']);
  	}
  	if (isset($_POST['sexe'])) {
  		$sexe = $purifier->purify($_POST['sexe']);
  	}
  	if (isset($_POST['categorie'])) {
  		$categorie = $purifier->purify($_POST['categorie']);
  	}
  	if (isset($_POST['add_user'])) {
  		$add_user = $purifier->purify($_POST['add_user']);
  	}
  	// NOTE(review): these two values are later handed to decodekey(); presumably their
  	// encoded form contains no HTML-special characters, otherwise purification would alter them - confirm.
  	$string_auth = isset($_POST['string_auth']) ? $purifier->purify($_POST['string_auth']) : "";
  	$string_auth1 = isset($_POST['string_auth1']) ? $purifier->purify($_POST['string_auth1']) : "";
  	if (isset($_POST['dummy'])) {
  		$dummy = $purifier->purify($_POST['dummy']);
  	}
  	if (isset($_POST['dummy1'])) {
  		$dummy1 = $purifier->purify($_POST['dummy1']);
  	}
}

  if (is_admin("Annu_is_admin",$login)=="Y") {
	// Decrypt the encrypted form fields: a non-empty string_auth is decoded into the
	// birth date and a non-empty string_auth1 into the password.
	if (isset($add_user) && (isset($string_auth) || isset($string_auth1))) {
		if ($string_auth != "") {
			$naissance = decodekey($string_auth);
		}
		if ($string_auth1 != "") {
			$userpwd = decodekey($string_auth1);
		}
	}
    // Ajout d'un utilisateur
    if (    ( !$nom || !$prenom )    // absence de nom ou de prenom
         || ( !$naissance && ( !$userpwd || ( $userpwd && !verifPwd($userpwd) ) ) ) // pas de date de naissance et mot de passe absent ou invalide
         || ( $naissance && !verifDateNaissance($naissance) )  // date de naissance invalide
         || ( ($naissance && verifDateNaissance($naissance)) && ($userpwd && !verifPwd($userpwd)) )  // date de naissance mais password invalide
       ) {
      ?>
      <form name="auth" action="add_user.php" method="post" onSubmit="encrypt(document.auth)">
        <table border="0">
          <tbody>
            <tr>
              <td>Nom :</td>
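              <td colspan="2" valign="top"><input type="sn" name="nom" value="<?php /* Escaped for the attribute context: HTML purification does not encode quotes in plain text. double_encode is off so entities already present are not encoded twice. The full php tag avoids depending on short_open_tag. */ echo htmlspecialchars($nom, ENT_QUOTES, 'UTF-8', false); ?>" size="20"></td>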
Ejemplo n.º 2
       // Link form account ENT LCS 
       echo "<script type='text/javascript'>
        // <![CDATA[
       setTimeout(function(){
       $( '#dialog-form' ).dialog('open' );
       },1000);
               //]]>
        </script>\n";
        }
elseif (mysqli_num_rows($result)==1)
{
	// Open the LCS session for the single matching row.
	$retour = mysqli_fetch_array($result);
	$login = $retour[0];
	// Escape the login for use inside SQL text. When the global connection is missing,
	// an E_USER_ERROR is raised and the escaped value is left empty.
	// NOTE(review): escaping uses the global ___mysqli_ston link while the queries below
	// run on $authlink - confirm both links share a character set, or bind the value in
	// a prepared statement instead.
	if (isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) {
		$login_escp = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $login);
	} else {
		trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR);
		$login_escp = "";
	}
	// Decrypt the new password taken directly from the POST field.
	$new_password = decodekey($_POST['string_new_mdp']);
	// Open session and write in sessions table of lcs_db
	// Look up the id and stat columns of the personne row for this login.
	// NOTE(review): the login value between the quotes appears masked in this listing.
	// The statement is assembled as a string; binding the login through a prepared
	// statement would remove the dependence on manual escaping.
	$query="SELECT id, stat FROM personne WHERE login='******'";
	// The @ prefix hides query warnings; failure is only visible through a false $result.
	$result=@mysqli_query($authlink, $query);
	if ($result && mysqli_num_rows($result)) 
		{
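		// mysql_result() belongs to the removed ext/mysql API and cannot read the
		// mysqli_result returned by mysqli_query(); the row is fetched through mysqli.
		$row=mysqli_fetch_row($result);
		// Column 0 is id, column 1 is stat (incremented by one).
		$idpers=$row[0];
		$stat=$row[1]+1;
		mysqli_free_result($result);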
		} 
	else 
		{
		// The login is not in the base... Create entry
		$query="INSERT INTO personne  VALUES ('', '', '', '$login_escp', '')";
		$result=@mysqli_query($authlink, $query);		
		$query="SELECT id, stat FROM personne WHERE login='******'";
Ejemplo n.º 3
// Emit the HTML 4.01 Transitional doctype, then open the document.
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">', "\n";
echo '<html>', "\n";
?>
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
	<title>...:::  Sauvegarde du nouveau jeu de cl&#233;s d'authentification :::...</title>
	<link  href='../Annu/style.css' rel='StyleSheet' type='text/css'>
</head>
<body>
<div align="center">
	<h2>Sauvegarde du nouveau jeu de cl&#233;s d'authentification</h2>
</div>
<?php
if ( is_admin("Lcs_is_admin",$login) == "Y" )  {
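	// Decode the authentication string on the server side with a private key and split
	// it on '|' into five fields, read here as p, q, pq, d and e.
	// array_pad() keeps all five offsets defined when the decoded string is short or
	// empty, so the emptiness test that follows rejects it without undefined-offset
	// warnings. explode() with a limit splits exactly like the former preg_split().
	$tmp = array_pad(explode('|', (string) decodekey($keys), 5), 5, '');
	list($p, $q, $pq, $d, $e) = $tmp;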
	if ( $p && $q && $pq && $d && $e ) {
		// Save the public key
		// Open access to the key files through the sudo helper script
		// NOTE(review): $ReturnValue is not checked in the lines shown here - confirm the
		// helper succeeded before the file is written.
		exec ("/usr/bin/sudo /usr/share/lcs/scripts/gestkeys.sh 'open'", $AllOutput, $ReturnValue);
		// Build the JavaScript source that publishes the public key (e and pq)
		// NOTE(review): $e and $pq come from the decoded request and are concatenated
		// verbatim into a .js file; presumably they are comma-separated integers -
		// validate that (digits and commas only) before writing.
		$public_key="var public_key_e=[".$e."];\n";
		$public_key.="var public_key_pq=[".$pq."];\n";
		// The @ prefix hides any fopen() warning; failure shows up as a false $fp
		$fp=@fopen("/usr/share/lcs/privatekey/public_key.js","w");
		if($fp) {
			fputs($fp,$public_key."\n");
Ejemplo n.º 4
 	$purifier = new HTMLPurifier($config);
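    // Purify the submitted fields. Each one is read only when present, so a request
    // that lacks a field yields an empty string instead of an undefined-index warning.
    // NOTE(review): the string_auth* values are passed to decodekey() afterwards;
    // purification cleans HTML markup and is not a format check for them.
    $string_auth = isset($_POST['string_auth']) ? $purifier->purify($_POST['string_auth']) : "";
    $dummy = isset($_POST['dummy']) ? $purifier->purify($_POST['dummy']) : "";
    $string_auth1 = isset($_POST['string_auth1']) ? $purifier->purify($_POST['string_auth1']) : "";
    $dummy1 = isset($_POST['dummy1']) ? $purifier->purify($_POST['dummy1']) : "";
    $string_auth2 = isset($_POST['string_auth2']) ? $purifier->purify($_POST['string_auth2']) : "";
    $dummy2 = isset($_POST['dummy2']) ? $purifier->purify($_POST['dummy2']) : "";
    $mod_pwd = isset($_POST['mod_pwd']) ? $purifier->purify($_POST['mod_pwd']) : "";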
}

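  if ($mod_pwd) {
        // Decrypt the old, new and confirmation passwords
        $old_password = decodekey($string_auth);
        $new_password = decodekey($string_auth1);
        $verif_password = decodekey($string_auth2);
        // Debug trace. Clear-text passwords are never written to the page: only their
        // lengths are reported, and the encrypted fields are HTML-escaped before output.
        // !empty() also covers the case where $DEBUG was never defined.
        if (!empty($DEBUG)) {
                echo "crypto old pass : ".htmlspecialchars($string_auth, ENT_QUOTES, 'UTF-8')
                    ."<br />crypto new pass  :  ".htmlspecialchars($string_auth1, ENT_QUOTES, 'UTF-8')
                    ."<br />crypto verif pass  : ".htmlspecialchars($string_auth2, ENT_QUOTES, 'UTF-8')."<br />";
                echo "old_mdp length : ".strlen((string) $old_password)
                    ." new mdp length  : ".strlen((string) $new_password)
                    ." verif mdp length  : ".strlen((string) $verif_password)."<br/>";
        }
  }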
  // teste si il faut resservir le formulaire de saisie
  if ( (!$mod_pwd) ||
        (($mod_pwd)&&(!verifPwd($new_password))) ||
        (($mod_pwd)&&($new_password != $verif_password)) ||
        (($mod_pwd)&&(!user_valid_passwd ( $login, $old_password ))) ||
        (($mod_pwd)&&($new_password==$old_password))
     ) {
        header_crypto_html("Modification mot de passe");
    ?>
Ejemplo n.º 5
                    // Read the remaining form fields through HTMLPurifier.
                    // NOTE(review): userpwd and password are purified like the text fields.
                    // Purification can rewrite characters such as < or &, so a password that
                    // contains them would no longer match what the user typed - confirm this
                    // is intended. The @ prefix hides the warning raised when the field is absent.
                    $description=$purifier->purify($_POST['description']);
                    $userpwd=@$purifier->purify($_POST['userpwd']);
                    $shell=$purifier->purify($_POST['shell']);
                    $password=@$purifier->purify($_POST['password']);
                    $string_auth=$purifier->purify($_POST['string_auth']);
                    $pseudo=$purifier->purify($_POST['pseudo']);
                  }
}

$isadmin=is_admin("Annu_is_admin",$login);
if (($isadmin=="Y") or ((tstclass($login,$uid)==1) and (ldap_get_right("sovajon_is_admin",$login)=="Y"))) {
    // Fetch the entries of the user to be modified
    $user = people_get_variables($uid, false);
    // Decrypt the password when $user_entry and an encrypted string are both set
    if ($user_entry && $string_auth) {
        $userpwd = decodekey($string_auth);
    }
    // Modification des entrees
    if ( !$user_entry || ($user_entry && (!verifPseudo($pseudo) || !verifTel($telephone) || !verifEntree($nom) || !verifEntree($prenom) || !verifDescription($description) || ($userpwd && !verifPwd($userpwd)) ) ) ) {
        header_crypto_html("Modification fiche utilisateur");
        aff_trailer ("4");
        ?>
        <form name = "auth" action="mod_user_entry.php" onSubmit = "encrypt(document.auth)" method="post">
        <table align="center" border="0" width="90%">
            <tbody>
            <tr>
                <td width="27%">Login :&nbsp;</td>
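                <td width="73%" colspan="2"><tt><strong><?php /* Escaped on output: the stored value is not trusted as HTML. double_encode is off so entities already present are not encoded twice. */ echo htmlspecialchars($user[0]["uid"], ENT_QUOTES, 'UTF-8', false); ?></strong></tt></td>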
	    </tr>
	    <tr>
                <td width="27%">Pr&#233;nom :&nbsp;</td>
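                <td width="73%" colspan="2"><input type="text" name="prenom" value="<?php /* Escaped for the attribute context so a quote in the stored value cannot close the attribute. double_encode is off so entities already present are not encoded twice. */ echo htmlspecialchars($user[0]['prenom'], ENT_QUOTES, 'UTF-8', false); ?>" size="20"></td>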
Ejemplo n.º 6
    // Build an HTMLPurifier instance with the library's default configuration.
    $config = HTMLPurifier_Config::createDefault();
    $purifier = new HTMLPurifier($config);
    // Read the login form fields through the purifier; absent POST fields become "".
    // NOTE(review): time, client_ip and timestamp are supplied by the client in this
    // request and should not be trusted as the real source address or clock.
    $login = isset($_POST['login']) ? $purifier->purify(trim($_POST['login'])) : "";
    $dummy = isset($_POST['dummy']) ? $purifier->purify($_POST['dummy']) : "";
    $string_auth = isset($_POST['string_auth']) ? $purifier->purify($_POST['string_auth']) : "";
    $time = isset($_POST['time']) ? $purifier->purify($_POST['time']) : "";
    $client_ip = isset($_POST['client_ip']) ? $purifier->purify($_POST['client_ip']) : "";
    $timestamp = isset($_POST['timestamp']) ? $purifier->purify($_POST['timestamp']) : "";
    // The error code from the query string is set only when it is present.
    if (isset($_GET['error'])) {
        $error = $purifier->purify($_GET['error']);
    }
}


if ($login) {
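    // Decode the authentication string on the server side with a private key and split
    // it on '|' into four fields, assigned to $pass, $ip_src, $timestamp and $timewait.
    // explode() with a limit splits exactly like the former preg_split().
    $tmp = explode('|', (string) decodekey($string_auth), 4);
    // A short or undecodable payload leaves fields missing: text fields default to ''
    // and the two numeric fields to 0, so the checks that follow see an expired,
    // mismatching request instead of raising undefined-offset or non-numeric errors.
    $pass = isset($tmp[0]) ? $tmp[0] : '';
    $ip_src = isset($tmp[1]) ? $tmp[1] : '';
    $timestamp = (isset($tmp[2]) && is_numeric($tmp[2])) ? $tmp[2] : 0;
    $timewait = (isset($tmp[3]) && is_numeric($tmp[3])) ? $tmp[3] : 0;
    // Latest moment at which this authentication string is still accepted
    $timetotal= $timewait+$timestamp+$MaxLifeTime;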
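    // Check the source IP and the timestamp carried in the decoded string.
    // Both facts are evaluated once and then combined, so every IP mismatch is
    // rejected. Previously a mismatching IP at the instant time() equalled $timetotal
    // matched none of the error branches and went on to open_session().
    $ip_ok = ((string) $ip_src === (string) remote_ip());
    $expired = (time() > $timetotal);
    if ( !$ip_ok && !$expired ) {
         // wrong source IP, lifetime still valid
         $error = 1;
    } elseif ( $ip_ok && $expired ) {
         // right source IP, lifetime exceeded
         $error = 2;
    } elseif ( !$ip_ok && $expired ) {
         // wrong source IP and lifetime exceeded
         $error = 3;
    } elseif ( !open_session( mb_strtolower($login), $pass, $string_auth) ) {
         // IP and lifetime are fine but the session could not be opened
         $error = 4;
    }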
Ejemplo n.º 7
		} else $cr='NOK';
	// Post CR report
    echo $cr;
    exit;
    }

  //check password account
  if ( isset($_POST['string_old_mdp']) && (isset($_POST['string_new_mdp'])) && (isset($_POST['string_renew_mdp'])) && (isset($string_login)) )
    {
    // Must return "OK" if succes, "NOK" if unsucces and "ERROR" if system error

	$login = $string_login;
    // Decrypt the three submitted strings: current password, new password, confirmation
    $verif_password = decodekey($string_renew_mdp);
    $new_password   = decodekey($string_new_mdp);
    $old_password   = decodekey($string_old_mdp);
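    // Change the password only when the new one passes verifPwd(), equals its
    // confirmation, differs from the current one, and the current one authenticates.
    // Strict comparisons are used because == and != treat two different
    // numeric-looking strings (for example "1e1" and "10") as equal.
    if ( verifPwd($new_password) && ($new_password === $verif_password) && (user_valid_passwd ( $string_login, $old_password )) && ($new_password !== $old_password) ) {
        if ( userChangedPwd($string_login, $new_password, $old_password ) ) {
            $cr1='OK';
            // Check whether the user's database password must change as well: close the
            // current link, then try to connect to MySQL with the new password.
            @((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res);
            @($GLOBALS["___mysqli_ston"] = mysqli_connect("localhost",  $login,  $new_password ));
            // A connection error means the MySQL account does not accept the new password yet
            if ( ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ) {
                // NOTE(review): $passwd is not assigned anywhere in the lines shown here;
                // presumably $new_password was meant - confirm against the full file.
                // NOTE(review): a password passed as a command-line argument is visible in
                // the process list while the helper runs; a helper that reads it from
                // standard input would avoid that.
                exec ( escapeshellarg("$scriptsbinpath/mysqlPasswInit.pl")." ". escapeshellarg($login) ." ". escapeshellarg($passwd) );
            }
            @((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res);
        } else {
            $cr1='NOK';
        }
    } else {
        $cr1='NOK';
    }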