commit d9abea41e943f8db1b580dec8e9efba805a3aab1
parent d88670c664a4441f2d000df5b4048c1175d23ce2
Author: dankert <devnull@localhost>
Date: Sat, 20 Jan 2007 16:22:28 +0100
Reagieren auf Kennwort-Ablauf.
Diffstat:
2 files changed, 83 insertions(+), 103 deletions(-)
diff --git a/actionClasses/IndexAction.class.php b/actionClasses/IndexAction.class.php
@@ -3,12 +3,11 @@
// $Id$
// ---------------------------------------------------------------------------
// OpenRat Content Management System
-// Copyright (C) 2002 Jan Dankert, jandankert@jandankert.de
+// Copyright (C) 2002-2007 Jan Dankert, jandankert@jandankert.de
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
+// as published by the Free Software Foundation; version 2.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -19,80 +18,6 @@
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
// ---------------------------------------------------------------------------
-// $Log$
-// Revision 1.24 2006-11-16 19:56:52 dankert
-// Methoden f?r Registrierung und Kennwortzusendung
-//
-// Revision 1.23 2006/08/04 19:05:55 dankert
-// Aktivieren von Registrierung und Kennwort-vergessen
-//
-// Revision 1.22 2006/01/23 23:10:16 dankert
-// Steuerung der Aktionsklassen ?ber .ini-Dateien
-//
-// Revision 1.21 2005/04/16 21:35:23 dankert
-// Uebergabe von Loginfehlern als normale Hinweismeldung
-//
-// Revision 1.20 2005/03/13 16:39:00 dankert
-// Neue Methoden, um Baum ein- und auszublenden
-//
-// Revision 1.19 2005/02/17 19:21:00 dankert
-// Titelanzeige geaendert
-//
-// Revision 1.18 2005/01/27 00:03:57 dankert
-// Variable "nopublish" an das Template liefern
-//
-// Revision 1.17 2005/01/23 11:13:54 dankert
-// Schalter "nologin" beruecksichtigen
-//
-// Revision 1.16 2005/01/14 21:41:23 dankert
-// Aufruf von lastModified() fuer Conditional-GET
-//
-// Revision 1.15 2005/01/04 21:42:09 dankert
-// Uebertragen von MOTD
-//
-// Revision 1.14 2004/12/29 20:19:55 dankert
-// Korrektur
-//
-// Revision 1.13 2004/12/28 22:58:39 dankert
-// Fuellen Variablen logo* fuer Loginmaske
-//
-// Revision 1.12 2004/12/26 20:20:17 dankert
-// Bei Logout entfernen aller Session-Variablen
-//
-// Revision 1.11 2004/12/26 18:49:58 dankert
-// Projektname im Seiten-Titel
-//
-// Revision 1.10 2004/12/25 22:11:20 dankert
-// Logo-Bild ueber Parameter
-//
-// Revision 1.9 2004/12/19 21:57:02 dankert
-// Korrektur bei direktem Objektaufruf in object()
-//
-// Revision 1.8 2004/12/19 14:54:31 dankert
-// language() und model() korrigiert
-//
-// Revision 1.7 2004/12/18 00:16:26 dankert
-// language_read() entfernt
-//
-// Revision 1.6 2004/12/15 23:23:27 dankert
-// div. neue Methoden
-//
-// Revision 1.5 2004/11/28 18:26:15 dankert
-// Anpassen an neue Sprachdatei-Konventionen
-//
-// Revision 1.4 2004/11/15 21:34:05 dankert
-// Korrektur fuer Administrationsmodus
-//
-// Revision 1.3 2004/11/10 22:36:45 dankert
-// Laden von Projektklassen und Lesen/Schreiben von/nach Session
-//
-// Revision 1.2 2004/05/02 14:49:37 dankert
-// Einf?gen package-name (@package)
-//
-// Revision 1.1 2004/04/24 15:14:52 dankert
-// Initiale Version
-//
-// ---------------------------------------------------------------------------
define('PROJECTID_ADMIN',-1);
@@ -106,6 +31,8 @@ define('PROJECTID_ADMIN',-1);
class IndexAction extends Action
{
+ var $mustChangePassword = false;
+
function setDb( $dbid )
{
global $conf;
@@ -144,7 +71,7 @@ class IndexAction extends Action
- function checkLogin( $name,$pw )
+ function checkLogin( $name,$pw,$pw1,$pw2 )
{
Logger::debug( "login user $name" );
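Review bot: `$pw1` and `$pw2` are added to checkLogin() as required parameters with no defaults and no docblock, so any caller other than login() that still passes two arguments would raise a missing-argument warning and reach the password-change branch with unset values. Defaults keep the old call form valid: `function checkLogin( $name,$pw,$pw1='',$pw2='' )`. A short docblock should state that `$pw1` and `$pw2` are the new password and its repetition, used only when the current password has expired. The function body continues outside this hunk.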
@@ -163,6 +90,24 @@ class IndexAction extends Action
$ok = $user->checkPassword( $pw );
+ $this->mustChangePassword = $user->mustChangePassword;
+
+ if ( $this->mustChangePassword )
+ {
+ // Der Benutzer hat zwar ein richtiges Kennwort eingegeben, aber dieses ist abgelaufen.
+ // Wir versuchen hier, das neue zu setzen (sofern eingegeben).
+ if ( $pw1 == $pw2 && strlen($pw2) >= $conf['security']['password']['min_length'] )
+ {
+ // Kennwörter identisch und lang genug.
+ $user->setPassword( $pw1,true );
+
+ // Das neue Kennwort ist gesetzt, die Anmeldung ist also doch noch gelungen.
+ $ok = true;
+ $this->mustChangePassword = false;
+ $user->mustChangePassword = false;
+ }
+ }
+
// Falls Login erfolgreich
if ( $ok )
{
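Review bot: The `$user->setPassword( $pw1,true )` call is guarded only by `$user->mustChangePassword` and the checks on the new password, not by any visible proof that `$pw` matched. The German comment assumes the old password was correct, but nothing in this hunk enforces it. If `mustChangePassword` is a stored account attribute rather than something `checkPassword()` sets only after a successful match, a request without the valid current password could replace it, so that invariant should be made explicit in the condition or documented where the flag is set. The equality test should also be strict, `$pw1 === $pw2`, because `==` treats differing numeric strings such as `'1e3'` and `'1000'` as equal. `$conf` must be in scope for the `min_length` lookup (no `global $conf;` is visible here), and checkLogin() starts and ends outside the hunk.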
@@ -213,12 +158,12 @@ class IndexAction extends Action
else
$this->setTemplateVar('actdbid',$conf['database']['default']);
- $this->setTemplateVar('logo' ,$conf['login' ]['logo' ] );
- $this->setTemplateVar('logo_url' ,$conf['login' ]['logo_url'] );
- $this->setTemplateVar('motd' ,$conf['login' ]['motd' ] );
- $this->setTemplateVar('readonly' ,$conf['security']['readonly'] );
- $this->setTemplateVar('nologin' ,$conf['login' ]['nologin' ] );
- $this->setTemplateVar('nopublish' ,$conf['security']['nopublish']);
+// $this->setTemplateVar('logo' ,$conf['login' ]['logo' ] );
+// $this->setTemplateVar('logo_url' ,$conf['login' ]['logo_url'] );
+// $this->setTemplateVar('motd' ,$conf['login' ]['motd' ] );
+// $this->setTemplateVar('readonly' ,$conf['security']['readonly'] );
+// $this->setTemplateVar('nologin' ,$conf['login' ]['nologin' ] );
+// $this->setTemplateVar('nopublish' ,$conf['security']['nopublish']);
$this->setTemplateVar('register' ,$conf['login' ]['register' ]);
$this->setTemplateVar('send_password',$conf['login' ]['send_password']);
$this->setTemplateVar('loginmessage',$this->getSessionVar('loginmessage'));
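Review bot: The six `setTemplateVar` calls for `logo`, `logo_url`, `motd`, `readonly`, `nologin` and `nopublish` are disabled by commenting them out, with no word on why or where those values now come from. If the login template still reads `nologin` or `readonly`, it would now find them unset; that cannot be checked from this hunk. Either delete the lines or replace them with a single comment such as `// logo, motd, readonly, nologin, nopublish are now set in <location>`, with the real location filled in.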
@@ -275,29 +220,47 @@ class IndexAction extends Action
$loginName = $this->getRequestVar('login_name' );
$loginPassword = $this->getRequestVar('login_password');
-
+ $newPassword1 = $this->getRequestVar('password1');
+ $newPassword2 = $this->getRequestVar('password2');
+
// Ermitteln, ob der Baum angezeigt werden soll
// Ist die Breite zu klein, dann wird der Baum nicht angezeigt
Session::set('showtree',intval($this->getRequestVar('screenwidth')) > $conf['interface']['min_width'] );
$loginOk = $this->checkLogin( $loginName,
- $loginPassword );
+ $loginPassword,
+ $newPassword1,
+ $newPassword2 );
if ( !$loginOk )
- $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$this->getRequestVar('login_name')) );
+ {
+ sleep(3);
+
+ if ( $this->mustChangePassword )
+ // Anmeldung gescheitert, Benutzer muss Kennwort ändern.
+ $this->addNotice('user',$loginName,'LOGIN_FAILED_MUSTCHANGEPASSWORD','error' );
+ else
+ // Anmeldung gescheitert.
+ $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$this->getRequestVar('login_name')) );
+
+ $this->callSubAction('showlogin');
+ }
}
- // Benutzer meldet sich ab
+ /**
+ * Benutzer meldet sich ab.
+ */
function logout()
{
-// Session::setUser('');
-
// Aus Sicherheitsgruenden die komplette Session deaktvieren
session_unset();
}
+ /**
+ * Auswählen der Administration.
+ */
function administration()
{
if ( !$this->userIsAdmin() )
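Review bot: `sleep(3)` in the failure branch of login() is the only throttle on password guessing visible here, and it delays one request rather than limiting attempts. Concurrent requests each wait independently, and each one holds a PHP worker for three seconds. A count of failed attempts per account and per client address, checked before `checkLogin()` runs, would bound the guess rate, and the sleep can stay as a secondary measure. `LOGIN_FAILED_MUSTCHANGEPASSWORD` is shown whenever `$this->mustChangePassword` is set, so confirm that the flag is only set after the current password was verified; otherwise the notice discloses account state to an unauthenticated client. The unchanged `logout()` calls only `session_unset()`, and whether the session ID itself is invalidated is not visible in this hunk.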
@@ -587,9 +550,9 @@ class IndexAction extends Action
$registerCode = rand();
Session::set('registerCode',$registerCode );
- Session::set('registerMail',$this->getRequestVar('register_mail') );
+ Session::set('registerMail',$this->getRequestVar('mail') );
- $mail = new Mail($this->getRequestVar('register_mail'),
+ $mail = new Mail($this->getRequestVar('mail'),
'register_commit_code','register_commit_code');
$mail->setVar('code',$registerCode);
$mail->send();
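Review bot: The registration code is taken from `rand()`, which is not a cryptographically secure generator. The same applies to the reset code in passwordcode(), where it is additionally seeded from the clock with `srand ((double)microtime()*1000003)`. Both values are the only proof of mailbox ownership, so they should come from a CSPRNG, e.g. `$registerCode = bin2hex(random_bytes(16));` on runtimes that provide it. The request value `mail` is stored in the session and used as recipient with no format validation visible here, so add a check before `new Mail(...)` unless `Mail` validates it itself. The enclosing function starts and ends outside this hunk.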
@@ -621,20 +584,20 @@ class IndexAction extends Action
$this->checkForDb();
$origRegisterCode = Session::get('registerCode');
- $inputRegisterCode = $this->getRequestVar('register_code');
+ $inputRegisterCode = $this->getRequestVar('code');
if ( $origRegisterCode == $inputRegisterCode )
{
// Bestätigungscode stimmt überein.
// Neuen Benutzer anlegen.
$newUser = new User();
- $newUser->name = $this->getRequestVar('register_name');
+ $newUser->name = $this->getRequestVar('username');
$newUser->add();
$newUser->mail = Session::get('registerMail');
$newUser->save();
- $newUser->setPassword( $this->getRequestVar('register_password'),false );
+ $newUser->setPassword( $this->getRequestVar('password'),true );
$this->addNotice('user',$newUser->name,'user_added','ok');
}
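Review bot: The confirmation test `$origRegisterCode == $inputRegisterCode` is a loose comparison with no check that a code was ever issued. If `Session::get('registerCode')` yields null or an empty value for a session that never requested one, an empty `code` parameter compares equal and the account is created. passwordcommit() has the same pattern in `getSessionVar("password_commit_code") == getRequestVar("code")`. Require a non-empty stored code and compare strictly as strings, e.g. `if ( strlen((string)$origRegisterCode) > 0 && (string)$origRegisterCode === (string)$inputRegisterCode )`, and clear the stored code once it has been used. Unlike the new branch in checkLogin(), `setPassword( ...,true )` here takes `password` from the request without applying `$conf['security']['password']['min_length']`.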
@@ -674,12 +637,14 @@ class IndexAction extends Action
}
+ /*
function changepassword()
{
}
+ */
-
+ /*
function setnewpassword()
{
$oldPw = $this->getRequestVar('password_old' );
@@ -713,22 +678,26 @@ class IndexAction extends Action
$this->addNotice('user',$user->name,'passwords_not_match','error');
}
}
+ */
-
+ /**
+ * Einen Kennwort-Anforderungscode an den Benutzer senden.
+ */
function passwordcode()
{
$this->checkForDb();
- $user = User::loadWithName( $this->getRequestVar("password_name") );
-
- if ( $user->userid != 0 )
+ $user = User::loadWithName( $this->getRequestVar("username") );
+ // Html::debug($user);
+ if ( $user->userid > 0 )
{
srand ((double)microtime()*1000003);
$code = rand();
$this->setSessionVar("password_commit_code",$code);
$eMail = new Mail( $user->mail,'password_commit_code','password_commit_code' );
+ $eMail->setVar('name',$user->getName());
$eMail->setVar('code',$code);
$eMail->send();
@@ -736,12 +705,22 @@ class IndexAction extends Action
}
else
{
- $this->addNotice('','user','username_not_found');
+ //$this->addNotice('','user','username_not_found');
+ // Trotzdem vortäuschen, eine E-Mail zu senden, damit die Gültigkeit
+ // eines Benutzernamens nicht von außen geprüft werden kann.
+ //
+ $this->addNotice('','user','mail_sent');
+ sleep(5);
}
$this->setSessionVar("password_commit_name",$user->name);
}
+
+
+ /**
+ * Neues Kennwort erzeugen und dem Benutzer zusenden.
+ */
function passwordcommit()
{
$ok = $this->getSessionVar("password_commit_code") == $this->getRequestVar("code");
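Review bot: The not-found branch of passwordcode() is meant to look like the success path, but it takes a fixed `sleep(5)` while the found branch takes as long as `$eMail->send()` needs. Response time can therefore still tell existing user names from unknown ones. Making both branches cost the same, for example by queueing the mail and returning at once in either case, closes that gap better than a constant delay. `setSessionVar("password_commit_name",$user->name)` also runs for an unknown user, so add a comment saying what `$user->name` holds then and that passwordcommit() must reject it. passwordcode() begins before this hunk and passwordcommit() continues after it.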
@@ -756,6 +735,7 @@ class IndexAction extends Action
{
$eMail = new Mail( $user->mail,'password_new','password_new' );
$eMail->setVar('password',$newPw);
+ $eMail->setVar('name',$user->getName());
$eMail->send();
$user->setPassword( $newPw, false );
diff --git a/actionClasses/IndexAction.ini.php b/actionClasses/IndexAction.ini.php
@@ -59,4 +59,4 @@ goto=projectmenu
[menu]
login=showlogin,register,password
-menu=projectmenu,administration,changepassword,logout-
\ No newline at end of file
+menu=projectmenu,administration,logout+
\ No newline at end of file