/**
* validate settings
*
* @return 0, if everything is ok, an error code otherwise
*/
public function validate()
{
if ($this->isAutomaticHTTPSEnabled() && (strlen($this->getAutomaticHTTPSHeaderName()) == 0 || strlen($this->getAutomaticHTTPSHeaderValue()) == 0)) {
return ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS;
}
include_once './Services/Http/classes/class.ilHTTPS.php';
if ($this->isHTTPSEnabled()) {
if (!ilHTTPS::_checkHTTPS()) {
return ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE;
}
} elseif (!ilHTTPS::_checkHTTP()) {
return ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE;
}
if ($this->getAccountSecurityMode() == self::ACCOUNT_SECURITY_MODE_CUSTOMIZED) {
if ($this->getPasswordMinLength() < 0) {
return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH;
}
if ($this->getPasswordMaxLength() < 0) {
return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH;
}
$password_min_length = 1;
if ($this->isPasswordCharsAndNumbersEnabled()) {
$password_min_length++;
$password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2;
if ($this->isPasswordSpecialCharsEnabled()) {
$password_min_length++;
$password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
}
}
if ($this->getPasswordMinLength() > 0 && $this->getPasswordMinLength() < $password_min_length) {
return $password_min_length_error_code;
}
if ($this->getPasswordMaxLength() > 0 && $this->getPasswordMaxLength() < $this->getPasswordMinLength()) {
return self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH;
}
if ($this->getPasswordMaxAge() < 0) {
return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE;
}
if ($this->getLoginMaxAttempts() < 0) {
return self::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS;
}
}
/*
* todo: have to check for local auth if first login password change is enabled??
* than: add errorcode
*/
return 0;
}
/**
* validate settings
*
* @return 0, if everything is ok, an error code otherwise
*/
public function validate(ilPropertyFormGUI $a_form = null)
{
$code = null;
if ($a_form) {
include_once "Services/PrivacySecurity/classes/class.ilObjPrivacySecurityGUI.php";
}
// handled in form itself
if ($this->isAutomaticHTTPSEnabled() && (strlen($this->getAutomaticHTTPSHeaderName()) == 0 || strlen($this->getAutomaticHTTPSHeaderValue()) == 0)) {
return ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS;
}
include_once './Services/Http/classes/class.ilHTTPS.php';
if ($this->isHTTPSEnabled()) {
if (!ilHTTPS::_checkHTTPS()) {
$code = ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE;
if (!$a_form) {
return $code;
} else {
$a_form->getItemByPostVar('https_enabled')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
}
}
} elseif (!ilHTTPS::_checkHTTP()) {
$code = ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE;
if (!$a_form) {
return $code;
} else {
$a_form->getItemByPostVar('https_enabled')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
}
}
if ($this->getPasswordMinLength() < 0) {
$code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH;
if (!$a_form) {
return $code;
} else {
$a_form->getItemByPostVar('password_min_length')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
}
}
if ($this->getPasswordMaxLength() < 0) {
$code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH;
if (!$a_form) {
return $code;
} else {
$a_form->getItemByPostVar('password_max_length')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
}
}
$password_min_length = 1;
if ($this->getPasswordNumberOfUppercaseChars() > 0 || $this->getPasswordNumberOfLowercaseChars() > 0) {
$password_min_length = 0;
if ($this->getPasswordNumberOfUppercaseChars() > 0) {
$password_min_length += $this->getPasswordNumberOfUppercaseChars();
}
if ($this->getPasswordNumberOfLowercaseChars() > 0) {
$password_min_length += $this->getPasswordNumberOfLowercaseChars();
}
$password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1;
}
if ($this->isPasswordCharsAndNumbersEnabled()) {
$password_min_length++;
$password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2;
if ($this->isPasswordSpecialCharsEnabled()) {
$password_min_length++;
$password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
}
} else {
if ($password_min_length > 1 && $this->isPasswordSpecialCharsEnabled()) {
$password_min_length++;
$password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
}
}
if ($this->getPasswordMinLength() > 0 && $this->getPasswordMinLength() < $password_min_length) {
$code = $password_min_length_error_code;
if (!$a_form) {
return $code;
} else {
$a_form->getItemByPostVar('password_min_length')->setAlert(sprintf(ilObjPrivacySecurityGUI::getErrorMessage($code), $password_min_length));
}
}
if ($this->getPasswordMaxLength() > 0 && $this->getPasswordMaxLength() < $this->getPasswordMinLength()) {
$code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH;
if (!$a_form) {
return $code;
} else {
$a_form->getItemByPostVar('password_max_length')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
}
}
if ($this->getPasswordMaxAge() < 0) {
$code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE;
if (!$a_form) {
return $code;
} else {
$a_form->getItemByPostVar('password_max_age')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
}
}
if ($this->getLoginMaxAttempts() < 0) {
$code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS;
if (!$a_form) {
return $code;
} else {
$a_form->getItemByPostVar('login_max_attempts')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
}
}
/*
* todo: have to check for local auth if first login password change is enabled??
* than: add errorcode
*/
if (!$a_form) {
return 0;
} else {
return !(bool) $code;
}
}
