/** * validate settings * * @return 0, if everything is ok, an error code otherwise */ public function validate() { if ($this->isAutomaticHTTPSEnabled() && (strlen($this->getAutomaticHTTPSHeaderName()) == 0 || strlen($this->getAutomaticHTTPSHeaderValue()) == 0)) { return ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS; } include_once './Services/Http/classes/class.ilHTTPS.php'; if ($this->isHTTPSEnabled()) { if (!ilHTTPS::_checkHTTPS()) { return ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE; } } elseif (!ilHTTPS::_checkHTTP()) { return ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE; } if ($this->getAccountSecurityMode() == self::ACCOUNT_SECURITY_MODE_CUSTOMIZED) { if ($this->getPasswordMinLength() < 0) { return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH; } if ($this->getPasswordMaxLength() < 0) { return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH; } $password_min_length = 1; if ($this->isPasswordCharsAndNumbersEnabled()) { $password_min_length++; $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2; if ($this->isPasswordSpecialCharsEnabled()) { $password_min_length++; $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3; } } if ($this->getPasswordMinLength() > 0 && $this->getPasswordMinLength() < $password_min_length) { return $password_min_length_error_code; } if ($this->getPasswordMaxLength() > 0 && $this->getPasswordMaxLength() < $this->getPasswordMinLength()) { return self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH; } if ($this->getPasswordMaxAge() < 0) { return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE; } if ($this->getLoginMaxAttempts() < 0) { return self::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS; } } /* * todo: have to check for local auth if first login password change is enabled?? * than: add errorcode */ return 0; }
/** * validate settings * * @return 0, if everything is ok, an error code otherwise */ public function validate(ilPropertyFormGUI $a_form = null) { $code = null; if ($a_form) { include_once "Services/PrivacySecurity/classes/class.ilObjPrivacySecurityGUI.php"; } // handled in form itself if ($this->isAutomaticHTTPSEnabled() && (strlen($this->getAutomaticHTTPSHeaderName()) == 0 || strlen($this->getAutomaticHTTPSHeaderValue()) == 0)) { return ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS; } include_once './Services/Http/classes/class.ilHTTPS.php'; if ($this->isHTTPSEnabled()) { if (!ilHTTPS::_checkHTTPS()) { $code = ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE; if (!$a_form) { return $code; } else { $a_form->getItemByPostVar('https_enabled')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code)); } } } elseif (!ilHTTPS::_checkHTTP()) { $code = ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE; if (!$a_form) { return $code; } else { $a_form->getItemByPostVar('https_enabled')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code)); } } if ($this->getPasswordMinLength() < 0) { $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH; if (!$a_form) { return $code; } else { $a_form->getItemByPostVar('password_min_length')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code)); } } if ($this->getPasswordMaxLength() < 0) { $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH; if (!$a_form) { return $code; } else { $a_form->getItemByPostVar('password_max_length')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code)); } } $password_min_length = 1; if ($this->getPasswordNumberOfUppercaseChars() > 0 || $this->getPasswordNumberOfLowercaseChars() > 0) { $password_min_length = 0; if ($this->getPasswordNumberOfUppercaseChars() > 0) { $password_min_length += $this->getPasswordNumberOfUppercaseChars(); } if ($this->getPasswordNumberOfLowercaseChars() > 0) { $password_min_length += $this->getPasswordNumberOfLowercaseChars(); } $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1; } if ($this->isPasswordCharsAndNumbersEnabled()) { $password_min_length++; $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2; if ($this->isPasswordSpecialCharsEnabled()) { $password_min_length++; $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3; } } else { if ($password_min_length > 1 && $this->isPasswordSpecialCharsEnabled()) { $password_min_length++; $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3; } } if ($this->getPasswordMinLength() > 0 && $this->getPasswordMinLength() < $password_min_length) { $code = $password_min_length_error_code; if (!$a_form) { return $code; } else { $a_form->getItemByPostVar('password_min_length')->setAlert(sprintf(ilObjPrivacySecurityGUI::getErrorMessage($code), $password_min_length)); } } if ($this->getPasswordMaxLength() > 0 && $this->getPasswordMaxLength() < $this->getPasswordMinLength()) { $code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH; if (!$a_form) { return $code; } else { $a_form->getItemByPostVar('password_max_length')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code)); } } if ($this->getPasswordMaxAge() < 0) { $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE; if (!$a_form) { return $code; } else { $a_form->getItemByPostVar('password_max_age')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code)); } } if ($this->getLoginMaxAttempts() < 0) { $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS; if (!$a_form) { return $code; } else { $a_form->getItemByPostVar('login_max_attempts')->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code)); } } /* * todo: have to check for local auth if first login password change is enabled?? * than: add errorcode */ if (!$a_form) { return 0; } else { return !(bool) $code; } }