Exemple #1
    }
} elseif ($_POST) {
    $user_form = UserForm::getUserForm()->getForm($_POST);
    if ($thisclient) {
        $user_form->getField('email')->configure('disabled', true);
        $user_form->getField('email')->value = $thisclient->getEmail();
    }
    if (!$user_form->isValid(function ($f) {
        return !$f->get('private');
    })) {
        $errors['err'] = __('Incomplete client information');
    } elseif (!$_POST['backend'] && !$_POST['passwd1']) {
        $errors['passwd1'] = __('New password is required');
    } elseif (!$_POST['backend'] && $_POST['passwd2'] != $_POST['passwd1']) {
        $errors['passwd1'] = __('Passwords do not match');
    } elseif (($addr = $user_form->getField('email')->getClean()) && ClientAccount::lookupByUsername($addr)) {
        $user_form->getField('email')->addError(sprintf(__('Email already registered. Would you like to %1$s sign in %2$s?'), '<a href="login.php?e=' . urlencode($addr) . '" style="color:inherit"><strong>', '</strong></a>'));
        $errors['err'] = __('Unable to register account. See messages below');
    } elseif (isset($_POST['backend']) && !($user = User::fromVars($user_form->getClean()))) {
        $errors['err'] = __('Unable to create local account. See messages below');
    } elseif (!$user && !$thisclient && !($user = User::fromVars($user_form->getClean()))) {
        $errors['err'] = __('Unable to register account. See messages below');
    } elseif (!$user && !($user = $thisclient ?: User::fromForm($user_form))) {
        $errors['err'] = __('Unable to register account. See messages below');
    } else {
        if (!($acct = ClientAccount::createForUser($user))) {
            $errors['err'] = __('Internal error. Unable to create new account');
        } elseif (!$acct->update($_POST, $errors)) {
            $errors['err'] = __('Errors configuring your profile. See messages below');
        }
    }
Exemple #2
// Refuse to run when INCLUDE_DIR has not been defined (presumably by the
// application bootstrap), so the script cannot be executed on its own.
if (defined('INCLUDE_DIR') === false) {
    exit('Fatal Error');
}

// Constants the client include files expect to find ("make includes happy").
define('CLIENTINC_DIR', INCLUDE_DIR . 'client/');
define('OSTCLIENTINC', true);

require_once INCLUDE_DIR . 'class.client.php';

// Template selected for this request; the POST handling below may replace it.
$inc = 'pwreset.request.php';
// Handle a submitted password-reset form. The `do` field selects the action:
// `sendmail` requests a reset e-mail, `reset` hands off to the authentication
// backends. The snippet is cut off inside the `reset` case.
if ($_POST) {
    // Reject the request with a 400 before doing anything else when the CSRF
    // token check fails.
    if (!$ost->checkCSRFToken()) {
        Http::response(400, __('Valid CSRF Token Required'));
        exit;
    }
    // NOTE(review): $_POST['do'] and $_POST['userid'] are read without an
    // isset() check, so a request that omits them raises notices/warnings.
    switch ($_POST['do']) {
        case 'sendmail':
            // NOTE(review): the outcomes below are distinguishable to the
            // requester (sent page, "not enabled" banner, "unable to verify
            // username" banner), so the response reveals whether a username
            // is registered. A single neutral confirmation for every outcome
            // would avoid that disclosure.
            if ($acct = ClientAccount::lookupByUsername($_POST['userid'])) {
                if (!$acct->isPasswdResetEnabled()) {
                    $banner = __('Password reset is not enabled for your account. Contact your administrator');
                } elseif ($acct->sendResetEmail()) {
                    // Reset mail was sent: switch to the confirmation template.
                    $inc = 'pwreset.sent.php';
                } else {
                    $banner = __('Unable to send reset email. Internal error');
                }
            } else {
                // The submitted value is passed through Format::htmlchars()
                // before being placed in the banner (presumably HTML-escaping;
                // confirm against the Format class).
                $banner = sprintf(__('Unable to verify username: %s'), Format::htmlchars($_POST['userid']));
            }
            break;
        case 'reset':
            $inc = 'pwreset.login.php';
            // Collects messages from the sign-on attempt; passed to
            // processSignOn(), whose signature is not visible here.
            $errors = array();
            if ($client = UserAuthenticationBackend::processSignOn($errors)) {
Exemple #3
 /**
  * Turn a CAS-authenticated session into a client session or a registration request.
  *
  * Returns null when the session carries no ':cas' marker. Otherwise the e-mail
  * reported by $this->cas is used to find a local account: an existing account
  * yields a ClientSession, a missing one yields a ClientCreateRequest (or the
  * result of attemptAutoRegister() when the condition below holds).
  *
  * NOTE(review): the local account is selected only by the e-mail address that
  * $this->cas returns, so the mapping is as trustworthy as that attribute.
  */
 function signOn()
 {
     global $cfg;

     // No CAS marker in the session: nothing to sign on.
     if (!isset($_SESSION[':cas'])) {
         return;
     }

     $account = ClientAccount::lookupByUsername($this->cas->getEmail());
     $session = ($account && $account->getId())
         ? new ClientSession(new EndUser($account->getUser()))
         : null;
     if ($session) {
         return $session;
     }

     // No usable local account: build a registration request from the CAS profile.
     $request = new ClientCreateRequest($this, $this->cas->getEmail(), $this->cas->getProfile());

     // NOTE(review): && binds tighter than ||, so a missing $cfg triggers
     // auto-registration on its own, without consulting 'cas-force-register'.
     // The parentheses only make the existing precedence explicit.
     $autoRegister = !$cfg
         || (!$cfg->isClientRegistrationEnabled() && self::$config->get('cas-force-register'));

     return $autoRegister ? $request->attemptAutoRegister() : $request;
 }
Exemple #4
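 /**
  * Sign a client in from a password-reset token posted as `userid` and `token`.
  *
  * Returns the ClientSession when every check passes, false when either POST
  * field is missing, and null (by falling off the end) when a check fails.
  *
  * NOTE(review): $errors is received by value, so the messages assigned below
  * are not visible to the caller through this parameter.
  *
  * @param array $errors Receives a 'msg' entry describing the failed check.
  */
 function signOn($errors = array())
 {
     global $ost;
     if (!isset($_POST['userid']) || !isset($_POST['token'])) {
         return false;
     } elseif (!($_config = new Config('pwreset'))) {
         // `new` always yields an object, so this branch cannot be taken.
         return false;
     } elseif (!($acct = ClientAccount::lookupByUsername($_POST['userid'])) || !$acct->getId() || !($client = new ClientSession(new EndUser($acct->getUser())))) {
         $errors['msg'] = __('Invalid user-id given');
     } elseif (!($id = $_config->get($_POST['token'])) || $id != $client->getId()) {
         // The token must exist in the 'pwreset' config and map to this client.
         $errors['msg'] = __('Invalid reset token');
     } elseif (!($ts = $_config->lastModified($_POST['token'])) || $ost->getConfig()->getPwResetWindow() < time() - strtotime($ts)) {
         // Reject the token when it has no timestamp OR when it is older than
         // the reset window. This was previously joined with &&, which only
         // evaluated the age when the timestamp was missing, so a stored token
         // never expired.
         // NOTE(review): assumes getPwResetWindow() is in seconds; confirm.
         $errors['msg'] = __('Invalid reset token');
     } elseif (!$acct->forcePasswdReset()) {
         $errors['msg'] = __('Unable to reset password');
     } else {
         return $client;
     }
 }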
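 /**
  * Resolve a username handled by this backend to a local session.
  *
  * For type 'staff' an existing StaffSession is returned, or a staff record is
  * created first when 'multiauth-staff-register' is set and the group check
  * passes. For type 'client' an existing account yields a ClientSession and a
  * missing one yields a ClientCreateRequest. Returns null in every other case.
  *
  * @param string $username Username to resolve.
  */
 function authOrCreate($username)
 {
     // Only the disabled auto-register code in the 'client' case reads $cfg.
     global $cfg;
     switch ($this->type) {
         case 'staff':
             if (($user = StaffSession::lookup($username)) && $user->getId()) {
                 if (!$user instanceof StaffSession) {
                     // osTicket <= v1.9.7 or so
                     $user = new StaffSession($user->getId());
                 }
                 return $user;
             } else {
                 // Load the configuration before its first use; it used to be
                 // assigned only after the group list had been read from it.
                 $config = $this->getConfig();
                 $staff_groups = preg_split('/;|,/', $config->get('multiauth-staff-group'));
                 // Default to "not a member" so that provisioning below depends
                 // on an explicit positive group check.
                 $chkgroup = false;
                 foreach ($staff_groups as $staff_group) {
                     // NOTE(review): neither $ldap nor $name is defined in this
                     // method, so this call fails as written. $name is
                     // presumably $username and $ldap the directory handle;
                     // confirm against the rest of the class before relying
                     // on this branch.
                     if ($ldap->checkGroup($name, $staff_group)) {
                         $chkgroup = true;
                         break;
                     }
                 }
                 if ($config->get('multiauth-staff-register') && $chkgroup) {
                     if (!($info = $this->lookup($username, false))) {
                         return;
                     }
                     $errors = array();
                     $staff = array();
                     $staff['username'] = $info['username'];
                     $staff['firstname'] = $info['first'];
                     $staff['lastname'] = $info['last'];
                     $staff['email'] = $info['email'];
                     $staff['isadmin'] = 0;
                     $staff['isactive'] = 1;
                     // NOTE(review): group, department and timezone ids are
                     // hard-coded. Every user who passes the group check gets
                     // an active staff record with them, so confirm that id 1
                     // is the least-privileged group and department on the
                     // target install.
                     $staff['group_id'] = 1;
                     $staff['dept_id'] = 1;
                     $staff['welcome_email'] = "on";
                     $staff['timezone_id'] = 8;
                     $staff['isvisible'] = 1;
                     // The result and $errors are not inspected; a failed
                     // create shows up as a failed lookup just below.
                     Staff::create($staff, $errors);
                     if (($user = StaffSession::lookup($username)) && $user->getId()) {
                         if (!$user instanceof StaffSession) {
                             $user = new StaffSession($user->getId());
                         }
                         return $user;
                     }
                 }
             }
             break;
         case 'client':
             // Lookup all the information on the user. Try to get the email
             // address as well as the username when looking up the user
             // locally.
             $matches = $this->search($username);
             // Take the first match without indexing into an empty result.
             $info = isset($matches[0]) ? $matches[0] : null;
             if (!$info) {
                 return;
             }
             // Initialise explicitly so the check below never reads an
             // undefined variable when no local account exists.
             $client = null;
             $acct = ClientAccount::lookupByUsername($username);
             if ($acct && $acct->getId()) {
                 $client = new ClientSession(new EndUser($acct->getUser()));
             }
             if (!$client) {
                 $info['name'] = $info['first'] . " " . $info['last'];
                 $client = new ClientCreateRequest($this, $username, $info);
                 // Auto-registration is disabled here:
                 //if (!$cfg || !$cfg->isClientRegistrationEnabled() && self::$config->get('multiauth-force-register')) {
                 // return $client->attemptAutoRegister();
                 //}
             }
             return $client;
     }
     return null;
 }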