/**
  * Fetch an account
  *
  * @param integer $id        the account id to fetch
  * @param boolean $use_cache read the record from the cache, should (just about) always be true
  *
  * @return object the account as a phpgw_account derived object
  */
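 public function get($id, $use_cache = true)
 {
     // Per-request memo of accounts already loaded from the database.
     static $cache = array();

     // The integer cast is what makes the interpolation into the SQL text
     // below safe; keep it ahead of any use of $id.
     $id = (int) $id;

     if ($use_cache) {
         // Honour $use_cache for the in-request memo as well, so that a
         // caller passing false really gets a fresh read from the database.
         if (isset($cache[$id])) {
             return $cache[$id];
         }

         $account = phpgwapi_cache::system_get('phpgwapi', "account_{$id}");
         if (is_object($account)) {
             return $account;
         }
     }

     $account = null;

     $this->db->query("SELECT * FROM phpgw_accounts WHERE account_id = {$id}", __LINE__, __FILE__);
     if ($this->db->next_record()) {
         $record = array(
             'id'                 => $this->db->f('account_id'),
             'lid'                => $this->db->f('account_lid'),
             'passwd_hash'        => $this->db->f('account_pwd', true),
             'firstname'          => $this->db->f('account_firstname', true),
             'lastname'           => $this->db->f('account_lastname', true),
             'last_login'         => $this->db->f('account_lastlogin'),
             'last_login_from'    => $this->db->f('account_lastloginfrom'),
             'last_passwd_change' => $this->db->f('account_lastpwd_change'),
             'enabled'            => $this->db->f('account_status') == 'A',
             'expires'            => $this->db->f('account_expires'),
             'person_id'          => $this->db->f('person_id'),
             'quota'              => $this->db->f('account_quota'),
             'type'               => $this->db->f('account_type'),
         );

         // 'g' marks a group row; every other type is loaded as a user.
         if ($record['type'] == 'g') {
             $account = new phpgwapi_group();
         } else {
             $account = new phpgwapi_user();
         }
         $account->init($record);

         // NOTE(review): $record carries passwd_hash and the initialised
         // object is written to the shared system cache. Confirm that the
         // cache backend is access-restricted, or that init() does not keep
         // the hash on the object.
         phpgwapi_cache::system_set('phpgwapi', "account_{$id}", $account);
     }

     // A miss stores null, which isset() treats as absent, so unknown ids are
     // looked up again on the next call.
     $cache[$id] = $account;
     return $account;
 }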
 /**
  * Update the account data
  *
  * @param array $data the account data to use
  *
  * @return object the account
  *
  * @internal does not write it to the storage backend
  */
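 public function update_data($data)
 {
     // The original read $data->id although the docblock declares an array
     // (and get() hands init() an array). Accept both shapes so an array
     // argument no longer falls through to "user" with an undefined id.
     if (is_array($data)) {
         $id = isset($data['id']) ? $data['id'] : null;
     } else {
         $id = isset($data->id) ? $data->id : null;
     }

     // The stored account type decides which concrete class is built.
     if ($this->get_type($id) == 'g') {
         $account = new phpgwapi_group();
     } else {
         $account = new phpgwapi_user();
     }
     $account->init($data);

     // Only the in-memory copy is replaced; nothing is persisted here.
     $this->account = $account;
     return $this->account;
 }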
/**
 * Validate the data for the admin user account
 *
 * @param string &$username the login id for the admin user; reset to '' if the name is globally denied
 * @param string $passwd    the password for the new user
 * @param string $passwd2   the verification password for the new user
 * @param string $fname     the first name of the administrator
 * @param string $lname     the lastname of the administrator
 *
 * @return array list of errors - empty array if valid
 *
 * @internal we pass the username by ref so it can be unset if invalid
 */
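function validate_admin(&$username, $passwd, &$passwd2, $fname, $lname)
{
    // $fname and $lname are accepted for interface compatibility; nothing in
    // this function validates them.
    phpgw::import_class('phpgwapi.globally_denied');
    $errors = array();

    // Compare as strings with !==. The loose != operator compares
    // numeric-looking strings by value ('1' == '01', '1e1' == '10'), so a
    // mistyped confirmation could be accepted as a match.
    if ((string) $passwd !== (string) $passwd2) {
        $errors[] = lang('Passwords did not match, please re-enter');
    } else {
        // Password policy lives in phpgwapi_user::validate_password(), which
        // reports a violation by throwing; its message is shown to the user.
        $account = new phpgwapi_user();
        try {
            $account->validate_password($passwd);
        } catch (Exception $e) {
            $errors[] = $e->getMessage();
        }
    }

    if (!$username) {
        $errors[] = lang('You must enter a username for the admin');
    } elseif (phpgwapi_globally_denied::user($username)) {
        $errors[] = lang('You can not use %1 as the admin username, please try again with another username', $username);
        // Clear the caller's copy so the rejected name is not reused.
        $username = '';
    }

    return $errors;
}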
 /**
  * Saves a new user (account) or updates an existing one
  *
  * @param array &$values Account details
  *
  * @return integer the account id - 0 = error
  */
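 function save_user(&$values)
 {
     if (!is_array($values)) {
         throw new Exception(lang('Invalid data'));
     }

     // Normalise the id once; anything that is not a positive integer is
     // treated as "create a new account".
     $id = isset($values['id']) ? (int) $values['id'] : 0;

     // NOTE(review): this throws when acl->check() returns TRUE, which is only
     // correct if the 'account_access' bits under 'admin' are deny-style
     // restrictions; confirm against phpgwapi_acl. No equivalent check for
     // editing an existing account is visible in this method; verify that the
     // caller enforces it.
     if (!$id && $GLOBALS['phpgw']->acl->check('account_access', phpgwapi_acl::ADD, 'admin')) {
         throw new Exception(lang('no permission to add users'));
     }

     if ($id) {
         $user = $GLOBALS['phpgw']->accounts->get($id);
         // get() can come back without an object for an unknown id; fail
         // cleanly instead of dereferencing a non-object below.
         if (!is_object($user)) {
             throw new Exception(lang('Invalid data'));
         }
     } else {
         $user = new phpgwapi_user();
     }

     if (!empty($values['expires_never'])) {
         $values['expires'] = -1;
     } else {
         // Missing or non-numeric date parts become 0, which checkdate() rejects.
         $month = isset($values['account_expires_month']) ? (int) $values['account_expires_month'] : 0;
         $day   = isset($values['account_expires_day']) ? (int) $values['account_expires_day'] : 0;
         $year  = isset($values['account_expires_year']) ? (int) $values['account_expires_year'] : 0;
         if (!checkdate($month, $day, $year)) {
             throw new Exception(lang('You have entered an invalid expiration date'));
         }
         $values['expires'] = mktime(2, 0, 0, $month, $day, $year);
     }
     $values['account_expires'] = $values['expires'];

     $passwd   = isset($values['passwd']) && is_scalar($values['passwd']) ? (string) $values['passwd'] : '';
     $passwd_2 = isset($values['passwd_2']) && is_scalar($values['passwd_2']) ? (string) $values['passwd_2'] : '';

     // A new account (no previous login id) must be given a password.
     if (!$user->old_loginid && !$passwd) {
         // Routed through lang() like every other message in this method.
         throw new Exception(lang('You must enter a password'));
     }

     if (empty($values['lid'])) {
         throw new Exception(lang('You must enter a loginid'));
     }

     // Only check for a clash when the login id is new or has been changed.
     if ($user->old_loginid != $values['lid'] && $GLOBALS['phpgw']->accounts->exists($values['lid'])) {
         throw new Exception(lang('That loginid has already been taken'));
     }

     // Strict comparison: loose != treats numeric-looking strings such as
     // '1' and '01' as equal, which would accept a mistyped confirmation.
     if (($passwd || $passwd_2) && $passwd !== $passwd_2) {
         throw new Exception(lang('The passwords don\'t match'));
     }

     $permissions = isset($values['account_permissions']) && is_array($values['account_permissions'])
         ? $values['account_permissions'] : array();
     $groups = isset($values['account_groups']) && is_array($values['account_groups'])
         ? $values['account_groups'] : array();
     if (!count($permissions) && !count($groups)) {
         throw new Exception(lang('You must add at least 1 application or group to this account'));
     }

     $user_data = array(
         'id'        => $id,
         'lid'       => $values['lid'],
         'firstname' => $values['firstname'],
         'lastname'  => $values['lastname'],
         'enabled'   => isset($values['enabled']) ? $values['enabled'] : '',
         'expires'   => $values['expires'],
         'quota'     => $values['quota'],
     );
     if ($passwd) {
         $user_data['passwd'] = $passwd;
     }
     // homedirectory / loginshell were behind an `if (false)` in the original
     // and are deliberately not copied.

     $acls = array();
     if (!empty($values['changepassword'])) {
         $acls[] = array('appname' => 'preferences', 'location' => 'changepassword', 'rights' => 1);
     }
     if (!empty($values['anonymous'])) {
         $acls[] = array('appname' => 'phpgwapi', 'location' => 'anonymous', 'rights' => 1);
     }

     // NOTE(review): application names for the admin ACLs and for $apps are
     // taken from the keys of the submitted arrays. Confirm that the caller
     // or the accounts backend restricts them to installed applications the
     // acting administrator is allowed to grant.
     $apps_admin = !empty($values['account_permissions_admin']) && is_array($values['account_permissions_admin'])
         ? array_keys($values['account_permissions_admin']) : array();
     foreach ($apps_admin as $app_admin) {
         $acls[] = array('appname' => $app_admin, 'location' => 'admin', 'rights' => phpgwapi_acl::ADD);
     }
     $apps = array_keys($permissions);

     unset($values['account_groups'], $values['account_permissions'], $values['account_permissions_admin']);

     // The original wrapped this loop in a try/catch that only re-threw, so
     // any exception raised while assigning a property reaches the caller
     // either way.
     foreach ($user_data as $key => $val) {
         $user->{$key} = $val;
     }

     if ($user->id) {
         // The cached menu is cleared for an existing account before saving.
         phpgwapi_cache::user_clear('phpgwapi', 'menu', $user->id);
     }

     if (!$user->is_dirty()) {
         // Nothing changed, so there is nothing to write.
         return $user->id;
     }

     if ($user->id) {
         if ($GLOBALS['phpgw']->accounts->update_user($user, $groups, $acls, $apps)) {
             return $user->id;
         }
         return 0;
     }

     return $GLOBALS['phpgw']->accounts->create($user, $groups, $acls, $apps);
 }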
}
// Prepare the change-password form: load the template and fill in its
// translated labels and the URL the form posts back to.
// NOTE(review): the labels set here cover only the new password and its
// confirmation; whether the current password is re-verified before the change
// is not visible in this fragment. Confirm.
$GLOBALS['phpgw']->template->set_file(array('form' => 'changepassword.tpl'));
$GLOBALS['phpgw']->template->set_var('lang_enter_password', lang('Enter your new password'));
$GLOBALS['phpgw']->template->set_var('lang_reenter_password', lang('Re-enter your password'));
$GLOBALS['phpgw']->template->set_var('lang_change', lang('Change'));
$GLOBALS['phpgw']->template->set_var('lang_cancel', lang('Cancel'));
$GLOBALS['phpgw']->template->set_var('form_action', $GLOBALS['phpgw']->link('/preferences/changepassword.php'));
// When the configured auth type is not LDAP, tell the user that the e-mail
// password is not changed by this form.
if ($GLOBALS['phpgw_info']['server']['auth_type'] != 'ldap') {
    $GLOBALS['phpgw']->template->set_var('sql_message', lang('note: This feature does *not* change your email password. This will ' . 'need to be done manually.'));
}
// Form submission. The listing is cut off inside this branch.
// NOTE(review): no anti-CSRF token check is visible in this fragment; confirm
// that one is enforced before the password is changed.
if (isset($_POST['change']) && $_POST['change']) {
    $errors = array();
    // NOTE(review): $n_passwd and $n_passwd_2 are not assigned anywhere in the
    // visible code; presumably they are read from the request earlier in the
    // file. Confirm they come from an explicit request accessor.
    // NOTE(review): loose != compares numeric-looking strings by value
    // ('1' == '01'), so a mistyped confirmation can pass; !== would be exact.
    if ($n_passwd != $n_passwd_2) {
        $errors[] = lang('The two passwords are not the same');
    } else {
        // validate_password() reports a rejected password by throwing; the
        // exception message is shown to the user.
        $account = new phpgwapi_user();
        try {
            $account->validate_password($n_passwd);
        } catch (Exception $e) {
            $errors[] = $e->getMessage();
            //	trigger_error($e->getMessage(), E_USER_WARNING);
        }
    }
    if (!$n_passwd) {
        $errors[] = lang('You must enter a password');
    }
    // On any error, render the page header and navbar and show the form again
    // with the collected messages.
    if (count($errors)) {
        $GLOBALS['phpgw']->common->phpgw_header();
        echo parse_navbar();
        $GLOBALS['phpgw']->template->set_var('messages', $GLOBALS['phpgw']->common->error_list($errors));
        $GLOBALS['phpgw']->template->pfp('out', 'form');
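 /**
  * Final step of the lost-password flow: validate the new password and store it
  *
  * The login id comes from the registration session, not from the request.
  *
  * @return bool always true
  */
 function lostpw3()
 {
     // Start from an explicit empty list. The original tested
     // is_array($errors) on a variable that was never initialised.
     $errors = array();

     $r_reg = phpgw::get_var('r_reg');
     if (!is_array($r_reg)) {
         $r_reg = array();
     }

     $lid = $GLOBALS['phpgw']->session->appsession('loginid', 'registration');
     if (!$lid) {
         // The original appended to $error (singular), so a missing session
         // login id was never reported and the password was still written
         // with an empty $lid.
         $errors[] = lang('Wrong session');
     }

     // Only non-array request values are accepted as password input.
     $passwd   = isset($r_reg['passwd']) && is_string($r_reg['passwd']) ? $r_reg['passwd'] : '';
     $passwd_2 = isset($r_reg['passwd_2']) && is_string($r_reg['passwd_2']) ? $r_reg['passwd_2'] : '';

     // Strict comparison: loose != treats numeric-looking strings such as
     // '1' and '01' as equal.
     if ($passwd !== $passwd_2) {
         $errors[] = lang('The two passwords are not the same');
     }

     if (!$passwd) {
         $errors[] = lang('You must enter a password');
     } else {
         // The password policy reports a rejected password by throwing.
         $account = new phpgwapi_user();
         try {
             $account->validate_password($passwd);
         } catch (Exception $e) {
             $errors[] = $e->getMessage();
         }
     }

     // Write the new password only when every check above has passed.
     if (!$errors) {
         $so = createobject('registration.soreg');
         $so->lostpw3($lid, $passwd);
     }

     $ui = createobject('registration.uireg');
     if ($errors) {
         $ui->lostpw3($errors, $r_reg, $lid);
     } else {
         $ui->lostpw4();
     }
     return True;
 }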
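 /**
  * Fetch an account from the LDAP directory
  *
  * @param integer $id        the account id to fetch
  * @param boolean $use_cache read the record from the system cache first
  *
  * @return object|null the account as a phpgwapi_group / phpgwapi_user object,
  *                     null when $id is 0 or no directory entry matches
  *
  * @throws Exception when the account type has no usable search context or
  *                   the directory search itself fails
  */
 public function get($id, $use_cache = true)
 {
     // The integer cast keeps the value interpolated into the LDAP filter
     // below purely numeric.
     $id = (int) $id;
     if (!$id) {
         return null;
     }

     if ($use_cache) {
         $account = phpgwapi_cache::system_get('phpgwapi', "account_{$id}");
         if (is_object($account)) {
             return $account;
         }
     }

     // Pick the search base and filter from the account type.
     $acct_type = $this->get_type($id);
     if ($acct_type == phpgwapi_account::TYPE_GROUP && $this->group_context) {
         $is_group = true;
         $sri = ldap_search($this->ds, $this->group_context, "gidnumber={$id}");
     } elseif ($acct_type == phpgwapi_account::TYPE_USER && $this->user_context) {
         $is_group = false;
         $sri = ldap_search($this->ds, $this->user_context, "uidnumber={$id}");
     } else {
         throw new Exception('Invalid account requested');
     }

     // A failed search must not be read as "entry with empty attributes":
     // the original went on to build and cache an account from nulls.
     if (!$sri) {
         throw new Exception('LDAP search failed');
     }

     $entries = ldap_get_entries($this->ds, $sri);
     if (!is_array($entries) || empty($entries['count'])) {
         // No matching entry: report absence and cache nothing.
         return null;
     }

     // first in best dressed - we can't tell which one is the correct one
     $entry = $entries[0];
     unset($entries);

     $record = array();
     if (isset($entry['phpgwcontactid'])) {
         $record['person_id'] = $entry['phpgwcontactid'][0];
     }
     $record['dn'] = $entry['dn'];
     $record['fullname'] = $entry['cn'][0];

     // Parse the entry according to the search that was actually performed,
     // not a second comparison against a literal type code.
     if ($is_group) {
         $record['id'] = $entry['gidnumber'][0];
         $record['lid'] = $entry['cn'][0];
         $record['firstname'] = $entry['cn'][0];
         $record['lastname'] = lang('group');
         $record['type'] = 'g';
         $account = new phpgwapi_group();
     } else {
         $record['id'] = $entry['uidnumber'][0];
         $record['lid'] = $entry['uid'][0];
         $record['firstname'] = isset($entry['givenname'][0]) ? $entry['givenname'][0] : '';
         $record['lastname'] = isset($entry['sn'][0]) ? $entry['sn'][0] : '';
         $record['expires'] = $record['account_expires']
             = isset($entry['phpgwaccountexpires'][0]) ? $entry['phpgwaccountexpires'][0] : null;
         // Only an explicit status of 'A' enables the account; a missing
         // attribute leaves it disabled.
         $record['enabled'] = isset($entry['phpgwaccountstatus'][0]) && $entry['phpgwaccountstatus'][0] == 'A';
         $record['type'] = 'u';

         // The original compared the attribute array itself with '', which is
         // never true; test the first value instead and fall back to the
         // instance default quota.
         if (!isset($entry['phpgwquota'][0]) || $entry['phpgwquota'][0] === '') {
             $record['quota'] = $this->quota;
         } else {
             $record['quota'] = $entry['phpgwquota'][0];
         }
         $account = new phpgwapi_user();
     }

     $account->init($record);
     phpgwapi_cache::system_set('phpgwapi', "account_{$id}", $account);
     return $account;
 }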