// Once an error has occured it is stored here.
$message = array();
// Perform GOsa password policy checks
if (!tests::is_uid($uid)) {
$message[] = msgPool::invalid(_("Login"));
} elseif (empty($current_password)) {
$message[] = _("You need to specify your current password in order to proceed.");
} elseif ($new_password != $repeated_password) {
$message[] = _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
} elseif ($new_password == "") {
$message[] = _("The password you've entered as 'New password' is empty.");
} elseif ($check_differ && substr($current_password, 0, $differ) == substr($new_password, 0, $differ)) {
$message[] = _("The password used as new and current are too similar.");
} elseif ($check_length && strlen($new_password) < $length) {
$message[] = _("The password used as new is to short.");
} elseif (!passwordMethod::is_harmless($new_password)) {
$message[] = _("The password contains possibly problematic Unicode characters!");
}
// Connect as the given user and load its ACLs
if (!count($message)) {
$ui = ldap_login_user($uid, $current_password);
if ($ui === NULL) {
$message[] = _("Please check the username/password combination!");
} else {
$tmp = new acl($config, NULL, $ui->dn);
$ui->ocMapping = $tmp->ocMapping;
$ui->loadACL();
$acls = $ui->get_permissions($ui->dn, "users/password");
if (!preg_match("/w/i", $acls)) {
$message[] = _("You have no permissions to change your password!");
}
