Encode a password for transmission over LDAP.
public static encodePassword ( string $password ) : string | ||
$password | string | The password to encode |
Résultat | string |
/** * Change the password of the current user. This must be performed over SSL. * * @param string $oldPassword The new password * @param string $newPassword The old password * @param bool $replaceNotRemove Alternative password change method. Set to true if you're receiving 'CONSTRAINT' * errors. * * @throws AdldapException * * @return bool */ public function changePassword($oldPassword, $newPassword, $replaceNotRemove = false) { $connection = $this->query->getConnection(); if (!$connection->isUsingSSL() && !$connection->isUsingTLS()) { $message = 'SSL or TLS must be configured on your web server and enabled to change passwords.'; throw new AdldapException($message); } $attribute = $this->schema->unicodePassword(); $modifications = []; if ($replaceNotRemove === true) { $modifications[] = new BatchModification($attribute, LDAP_MODIFY_BATCH_REPLACE, [Utilities::encodePassword($newPassword)]); } else { // Create batch modification for removing the old password. $modifications[] = new BatchModification($attribute, LDAP_MODIFY_BATCH_REMOVE, [Utilities::encodePassword($oldPassword)]); // Create batch modification for adding the new password. $modifications[] = new BatchModification($attribute, LDAP_MODIFY_BATCH_ADD, [Utilities::encodePassword($newPassword)]); } // Add the modifications. foreach ($modifications as $modification) { $this->addModification($modification); } // Update the user. $result = $this->update(); if ($result === false && ($error = $connection->getExtendedError())) { // If the user failed to update, we'll see if we can // figure out why by retrieving the extended error. switch ($code = $connection->getExtendedErrorCode()) { case '0000052D': throw new UserPasswordPolicyException("Error: {$code}. Your new password does not match the password policy."); case '00000056': throw new UserPasswordIncorrectException($message = "Error: {$code}. Your old password is incorrect."); default: throw new AdldapException("Error: {$error}"); } } return $result; }
/** * Change the password of the current user. This must be performed over SSL. * * @param string $oldPassword The new password * @param string $newPassword The old password * * @throws AdldapException * @throws PasswordPolicyException * @throws WrongPasswordException * * @return bool */ public function changePassword($oldPassword, $newPassword) { $connection = $this->query->getConnection(); if (!$connection->isUsingSSL() && !$connection->isUsingTLS()) { $message = 'SSL or TLS must be configured on your web server and enabled to change passwords.'; throw new AdldapException($message); } $attribute = $this->schema->unicodePassword(); // Create batch modification for removing the old password. $remove = new BatchModification(); $remove->setAttribute($attribute); $remove->setType(LDAP_MODIFY_BATCH_REMOVE); $remove->setValues([Utilities::encodePassword($oldPassword)]); // Create batch modification for adding the new password. $add = new BatchModification(); $add->setAttribute($attribute); $add->setType(LDAP_MODIFY_BATCH_ADD); $add->setValues([Utilities::encodePassword($newPassword)]); // Add the modifications. $this->addModification($remove); $this->addModification($add); // Update the user. $result = $this->update(); if ($result === false) { // If the user failed to update, we'll see if we can // figure out why by retrieving the extended error. $error = $connection->getExtendedError(); if ($error) { $errorCode = $connection->getExtendedErrorCode(); $message = "Error: {$error}"; if ($errorCode == '0000052D') { $message = "Error: {$errorCode}. Your new password might not match the password policy."; throw new PasswordPolicyException($message); } elseif ($errorCode == '00000056') { $message = "Error: {$errorCode}. Your old password might be wrong."; throw new WrongPasswordException($message); } throw new AdldapException($message); } else { return false; } } return $result; }
/** * Change the password of the current user. This must be performed over SSL. * * @param string $oldPassword The new password * @param string $newPassword The old password * * @throws AdldapException * @throws PasswordPolicyException * @throws WrongPasswordException * * @return bool */ public function changePassword($oldPassword, $newPassword) { $connection = $this->query->getConnection(); if (!$connection->isUsingSSL() && !$connection->isUsingTLS()) { $message = 'SSL or TLS must be configured on your web server and enabled to change passwords.'; throw new AdldapException($message); } $attribute = ActiveDirectory::UNICODE_PASSWORD; $remove = new BatchModification(); $remove->setAttribute($attribute); $remove->setType(LDAP_MODIFY_BATCH_REMOVE); $remove->setValues([Utilities::encodePassword($oldPassword)]); $add = new BatchModification(); $add->setAttribute($attribute); $add->setType(LDAP_MODIFY_BATCH_ADD); $add->setValues([Utilities::encodePassword($newPassword)]); $this->addModification($remove); $this->addModification($add); $result = $this->update(); if ($result === false) { $error = $connection->getExtendedError(); if ($error) { $errorCode = $connection->getExtendedErrorCode(); $message = 'Error: ' . $error; if ($errorCode == '0000052D') { $message = "Error: {$errorCode}. Your new password might not match the password policy."; throw new PasswordPolicyException($message); } elseif ($errorCode == '00000056') { $message = "Error: {$errorCode}. Your old password might be wrong."; throw new WrongPasswordException($message); } throw new AdldapException($message); } else { return false; } } return $result; }