// Once an error has occured it is stored here. $message = array(); // Perform GOsa password policy checks if (!tests::is_uid($uid)) { $message[] = msgPool::invalid(_("Login")); } elseif (empty($current_password)) { $message[] = _("You need to specify your current password in order to proceed."); } elseif ($new_password != $repeated_password) { $message[] = _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); } elseif ($new_password == "") { $message[] = _("The password you've entered as 'New password' is empty."); } elseif ($check_differ && substr($current_password, 0, $differ) == substr($new_password, 0, $differ)) { $message[] = _("The password used as new and current are too similar."); } elseif ($check_length && strlen($new_password) < $length) { $message[] = _("The password used as new is to short."); } elseif (!passwordMethod::is_harmless($new_password)) { $message[] = _("The password contains possibly problematic Unicode characters!"); } // Connect as the given user and load its ACLs if (!count($message)) { $ui = ldap_login_user($uid, $current_password); if ($ui === NULL) { $message[] = _("Please check the username/password combination!"); } else { $tmp = new acl($config, NULL, $ui->dn); $ui->ocMapping = $tmp->ocMapping; $ui->loadACL(); $acls = $ui->get_permissions($ui->dn, "users/password"); if (!preg_match("/w/i", $acls)) { $message[] = _("You have no permissions to change your password!"); }