コード例 #1
0
ファイル: ChangePasswordDo.php プロジェクト: awasthi/aguilas
} elseif (strlen($userPassword) < 8 || strlen($userPassword) > 30) {
    WrongPasswordLength();
    // Invalid Old Password
} elseif (preg_match("/^[A-Za-z0-9@#\$%^&+=!.-_]+\$/", $userPasswordOld) == 0) {
    InvalidOldPassword();
    // Old Password has less than 8 characters or more than 30
} elseif (strlen($userPasswordOld) < 8 || strlen($userPasswordOld) > 30) {
    WrongOldPasswordLength();
    // Passwords do not match
} elseif ($userPassword != $userPasswordBis) {
    DifferentPasswords();
} else {
    // VALIDATION PASSED -------------------------------------------------------
    // Encoding the passwords
    $userPassword = EncodePassword($userPassword, $ldap_enc);
    $userPasswordOld = EncodePassword($userPasswordOld, $ldap_enc);
    // We are going to search for a user entry matching the data provided by
    // the user on the form
    // We stablish what attributes are going to be retrieved from each entry
    $search_limit = array("dn");
    // The filter string to search through LDAP
    $search_string = "(&(mail=" . $mail . ")(userPassword="******")(uid=" . $uid . "))";
    // The attribute the array of entries is going to be sorted by
    $sort_string = 'dn';
    // Searching ...
    $search_entries = AssistedLDAPSearch($ldapc, $ldap_base, $search_string, $search_limit, $sort_string);
    // How much did we get?
    $result_count = $search_entries['count'];
    // If we didn't get any entries, there are no user entries matching the
    // data provided by the user. Maybe the user doesn't exist or the user made
    // a mistake entering the data
コード例 #2
0
ファイル: ResetPasswordDo.php プロジェクト: awasthi/aguilas
 // If we have zero coincidences, then the user somehow was removed from LDAP
 // just after he made the Reset Password petition
 if ($result_count == 0) {
     NoResults();
     // If we have more than one entry with the same data, then database is corrupted
     // and we are in a big mess
 } elseif ($result_count > 1) {
     MultipleResults();
     // If we got one coincidence, we are on the right path
 } elseif ($result_count == 1) {
     // What dn are we going to modify?
     $moddn = $search_entries['0']['dn'];
     // Generating pretty badass password
     $genPassword = substr(md5(md5(mt_rand() . "+" . time())), 0, 8);
     // We encode the password
     $encPassword = EncodePassword($genPassword, $ldap_enc);
     // We construct the modificator array
     $in['userPassword'] = $encPassword;
     // Modifying ...
     $mod = AssistedLDAPModify($ldapc, $moddn, $in);
     // If the modifying went OK, we send the notification e-mail to the user
     if ($mod) {
         $send = AssistedEMail("ResetPasswordDo", $mail);
     }
     // If the mailing went OK ...
     if ($send) {
         // We need to get rid of the temporary entry
         $del_q = sprintf("DELETE FROM ResetPassword" . " WHERE mail='%s'" . " AND uid='%s'" . " AND token='%s'", mysql_real_escape_string($mail), mysql_real_escape_string($uid), mysql_real_escape_string($token));
         // Deleting the row from the table ...
         $del_r = AssistedMYSQLQuery($del_q);
         // We log the event