public static function changePersonalPassword($args)
{
// Check if we are an user
\OC_JSON::callCheck();
\OC_JSON::checkLoggedIn();
$username = \OC_User::getUser();
$password = isset($_POST['personal-password']) ? $_POST['personal-password'] : null;
$oldPassword = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
if (!\OC_User::checkPassword($username, $oldPassword)) {
$l = new \OC_L10n('settings');
\OC_JSON::error(array("data" => array("message" => $l->t("Wrong password"))));
exit;
}
if ($oldPassword === $password) {
$l = new \OC_L10n('settings');
\OC_JSON::error(array("data" => array("message" => $l->t("The new password can not be the same as the previous one"))));
exit;
}
if (!is_null($password) && \OC_User::setPassword($username, $password)) {
\OC::$server->getUserSession()->updateSessionTokenPassword($password);
\OC_JSON::success();
} else {
\OC_JSON::error();
}
}
public function testAddUser()
{
$this->resetParams();
$_POST['userid'] = $this->getUniqueID();
$_POST['password'] = '******';
$result = \OCA\provisioning_API\Users::addUser(array());
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
$this->assertTrue(\OC_User::userExists($_POST['userid']));
$this->assertEquals($_POST['userid'], \OC_User::checkPassword($_POST['userid'], $_POST['password']));
$this->users[] = $_POST['userid'];
}
public function testCheckPassword()
{
$this->backend->expects($this->once())->method('checkPassword')->with($this->equalTo('foo'), $this->equalTo('bar'))->will($this->returnValue('foo'));
$this->backend->expects($this->any())->method('implementsActions')->will($this->returnCallback(function ($actions) {
if ($actions === \OC_USER_BACKEND_CHECK_PASSWORD) {
return true;
} else {
return false;
}
}));
$uid = \OC_User::checkPassword('foo', 'bar');
$this->assertEquals($uid, 'foo');
}
public static function check()
{
$login = isset($_POST['login']) ? $_POST['login'] : false;
$password = isset($_POST['password']) ? $_POST['password'] : false;
if ($login && $password) {
if (\OC_User::checkPassword($login, $password)) {
$xml['person']['personid'] = $login;
return new Result($xml);
} else {
return new Result(null, 102);
}
} else {
return new Result(null, 101);
}
}
public static function changePersonalPassword($args)
{
// Check if we are an user
\OC_JSON::callCheck();
\OC_JSON::checkLoggedIn();
$username = \OC_User::getUser();
$password = isset($_POST['personal-password']) ? $_POST['personal-password'] : null;
$oldPassword = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
if (!\OC_User::checkPassword($username, $oldPassword)) {
$l = new \OC_L10n('settings');
\OC_JSON::error(array("data" => array("message" => $l->t("Wrong password"))));
exit;
}
if (!is_null($password) && \OC_User::setPassword($username, $password)) {
\OC_JSON::success();
} else {
\OC_JSON::error();
}
}
/**
* Check if the password is correct
* @param string $uid The username
* @param string $password The password
* @return string|false username on success, false otherwise
*
* Check if the password is correct without logging in the user
*/
public static function checkPassword($uid, $password)
{
return \OC_User::checkPassword($uid, $password);
}
OCP\JSON::callCheck();
OC_JSON::checkLoggedIn();
// Manually load apps to ensure hooks work correctly (workaround for issue 1503)
OC_APP::loadApps();
$username = isset($_POST['username']) ? $_POST['username'] : OC_User::getUser();
$password = isset($_POST['password']) ? $_POST['password'] : null;
$oldPassword = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
$userstatus = null;
if (OC_User::isAdminUser(OC_User::getUser())) {
$userstatus = 'admin';
}
if (OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
$userstatus = 'subadmin';
}
if (OC_User::getUser() === $username && OC_User::checkPassword($username, $oldPassword)) {
$userstatus = 'user';
}
if (is_null($userstatus)) {
OC_JSON::error(array('data' => array('message' => 'Authentication error')));
exit;
}
if (\OCP\App::isEnabled('files_encryption') && $userstatus !== 'user') {
//handle the recovery case
$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), $username);
$recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');
$validRecoveryPassword = false;
$recoveryPasswordSupported = false;
if ($recoveryAdminEnabled) {
$validRecoveryPassword = $util->checkRecoveryPassword($recoveryPassword);
$recoveryEnabledForUser = $util->recoveryEnabledForUser();
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$RUNTIME_NOAPPS = TRUE;
//no apps, yet
require_once '../../lib/base.php';
if (!OC_User::isLoggedIn()) {
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="ownCloud Server"');
header('HTTP/1.0 401 Unauthorized');
echo 'Valid credentials must be supplied';
exit;
} else {
if (!OC_User::checkPassword($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
exit;
}
}
}
$groups = array();
foreach (OC_Group::getGroups() as $i) {
// Do some more work here soon
$groups[] = array("groupname" => $i);
}
OC_JSON::encodedPrint($groups);
<?php
// Init owncloud
require_once '../../lib/base.php';
$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
$password = $_POST["password"];
$oldPassword = isset($_POST["oldpassword"]) ? $_POST["oldpassword"] : '';
// Check if we are a user
OC_JSON::checkLoggedIn();
if (!OC_Group::inGroup(OC_User::getUser(), 'admin') && ($username != OC_User::getUser() || !OC_User::checkPassword($username, $oldPassword))) {
OC_JSON::error(array("data" => array("message" => "Authentication error")));
exit;
}
// Return Success story
if (OC_User::setPassword($username, $password)) {
OC_JSON::success(array("data" => array("username" => $username)));
} else {
OC_JSON::error(array("data" => array("message" => "Unable to change password")));
}
/**
* Perform a user authorization
* @global array $profile
*/
function authorize_mode()
{
global $profile;
global $USERNAME;
global $IDENTITY;
// this is a user session
// the user needs refresh urls in their session to access this mode
if (!isset($_SESSION['post_auth_url']) || !isset($_SESSION['cancel_auth_url'])) {
error_500('You may not access this mode directly.');
}
$profile['idp_url'] = $IDENTITY;
if (isset($_SERVER['PHP_AUTH_USER']) && $profile['authorized'] === false && $_SERVER['PHP_AUTH_USER'] == $USERNAME) {
if (OC_User::checkPassword($USERNAME, $_SERVER['PHP_AUTH_PW'])) {
// successful login!
// return to the refresh url if they get in
$_SESSION['openid_auth'] = true;
$_SESSION['openid_user'] = $USERNAME;
wrap_redirect($_SESSION['post_auth_url']);
// failed login
} else {
$_SESSION['failures']++;
debug('Login failed');
debug('Fail count: ' . $_SESSION['failures']);
}
}
// if we get this far the user is not authorized, so send the headers
$uid = uniqid(mt_rand(1, 9));
$_SESSION['uniqid'] = $uid;
// debug('Prompting user to log in. Stale? ' . $stale);
header('HTTP/1.0 401 Unauthorized');
// header(sprintf('WWW-Authenticate: Digest qop="auth-int, auth", realm="%s", domain="%s", nonce="%s", opaque="%s", stale="%s", algorithm="MD5"', $profile['auth_realm'], $profile['auth_domain'], $uid, md5($profile['auth_realm']), $stale ? 'true' : 'false'));
header('WWW-Authenticate: Basic realm="ownCloud"');
$q = strpos($_SESSION['cancel_auth_url'], '?') ? '&' : '?';
wrap_refresh($_SESSION['cancel_auth_url'] . $q . 'openid.mode=cancel');
// die('401 Unauthorized');
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$_POST = $_GET;
//debug
require_once '../../lib/base.php';
OC_JSON::checkAppEnabled('media');
require_once 'lib_collection.php';
$user = isset($_POST['user']) ? $_POST['user'] : '';
$pass = isset($_POST['pass']) ? $_POST['pass'] : '';
if (OC_User::checkPassword($user, $pass)) {
OC_Util::setupFS($user);
OC_MEDIA_COLLECTION::$uid = $user;
} else {
exit;
}
if (isset($_POST['play']) and $_POST['play'] == 'true') {
if (!isset($_POST['song'])) {
exit;
}
$song = OC_MEDIA_COLLECTION::getSong($_POST['song']);
$ftype = OC_Filesystem::getMimeType($song['song_path']);
header('Content-Type:' . $ftype);
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
// Check if we are a user
OCP\JSON::callCheck();
OC_JSON::checkLoggedIn();
$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
$password = $_POST["password"];
$oldPassword = isset($_POST["oldpassword"]) ? $_POST["oldpassword"] : '';
$userstatus = null;
if (OC_Group::inGroup(OC_User::getUser(), 'admin')) {
$userstatus = 'admin';
}
if (OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
$userstatus = 'subadmin';
}
if (OC_User::getUser() === $username) {
if (OC_User::checkPassword($username, $oldPassword)) {
$userstatus = 'user';
} else {
if (!OC_Util::isUserVerified()) {
$userstatus = null;
}
}
}
if (is_null($userstatus)) {
OC_JSON::error(array("data" => array("message" => "Authentication error")));
exit;
}
if ($userstatus === 'admin' || $userstatus === 'subadmin') {
OC_JSON::verifyUser();
}
// Return Success story
