refactoring
This commit is contained in:
parent
c8d1e5ab82
commit
3dc40d1f99
|
@ -3022,9 +3022,6 @@ class windowsUser extends baseModule implements passwordService {
|
|||
* @param array $attributes LDAP attributes
|
||||
*/
|
||||
private function setSelfServicePassword(&$return, $attributes) {
|
||||
if (!function_exists('ldap_modify_batch')) {
|
||||
return $this->setSelfServicePasswordCMD($return, $attributes);
|
||||
}
|
||||
$newPasswordVal = self::pwdAttributeValue($_POST['windowsUser_unicodePwd']);
|
||||
$oldPassword = lamDecrypt($_SESSION['selfService_clientPassword'], 'SelfService');
|
||||
$oldPasswordVal = self::pwdAttributeValue($oldPassword);
|
||||
|
@ -3058,80 +3055,6 @@ class windowsUser extends baseModule implements passwordService {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the user password in self service.
|
||||
* Since the change requires the old password we need to run ldapmodify for this task.
|
||||
*
|
||||
* Enter description here ...
|
||||
* @param array $return return value for checkSelfServiceOptions() (used to add message if any)
|
||||
* @param array $attributes LDAP attributes
|
||||
*/
|
||||
private function setSelfServicePasswordCMD(&$return, $attributes) {
|
||||
$newPasswordVal = self::pwdAttributeValue($_POST['windowsUser_unicodePwd']);
|
||||
$oldPassword = lamDecrypt($_SESSION['selfService_clientPassword'], 'SelfService');
|
||||
$oldPasswordVal = self::pwdAttributeValue($oldPassword);
|
||||
$dn = $attributes['dn'];
|
||||
$ldif = "dn: " . $dn . "\n";
|
||||
$ldif .= "changetype: modify\n";
|
||||
$ldif .= "delete: unicodePwd\n";
|
||||
$ldif .= "unicodePwd:: " . base64_encode($oldPasswordVal) . "\n";
|
||||
$ldif .= "-\n";
|
||||
$ldif .= "add: unicodePwd\n";
|
||||
$ldif .= "unicodePwd:: " . base64_encode($newPasswordVal) . "\n";
|
||||
$ldif .= "-\n";
|
||||
|
||||
$serverURL = $_SESSION['selfServiceProfile']->serverURL;
|
||||
$tls = '';
|
||||
if ($_SESSION['selfServiceProfile']->useTLS) {
|
||||
$tls = ' -ZZ ';
|
||||
}
|
||||
$cmd = "/usr/bin/ldapmodify -H " . $serverURL . $tls . " -D " . escapeshellarg($dn) . " -x -w " . escapeshellarg($oldPassword);
|
||||
|
||||
$descriptorspec = array(
|
||||
0 => array("pipe", "r"), // stdin
|
||||
1 => array("pipe", "w"), // stout
|
||||
2 => array("pipe", "w") // sterr
|
||||
);
|
||||
$process = proc_open($cmd, $descriptorspec, $pipes);
|
||||
if (is_resource($process)) {
|
||||
fwrite($pipes[0], $ldif);
|
||||
}
|
||||
else {
|
||||
logNewMessage(LOG_ERR, 'Unable to change password of ' . $dn . '. Calling /usr/bin/ldapmodify failed.');
|
||||
$return['messages'][] = array('ERROR', _('Unable to change password.'));
|
||||
return;
|
||||
}
|
||||
fclose($pipes[0]);
|
||||
$outputMessages = '';
|
||||
while (!feof($pipes[1])) {
|
||||
$output = fgets($pipes[1], 1024);
|
||||
if ($output != '') {
|
||||
$outputMessages .= $output;
|
||||
}
|
||||
}
|
||||
while (!feof($pipes[2])) {
|
||||
$output = fgets($pipes[2], 1024);
|
||||
if ($output != '') {
|
||||
$outputMessages .= $output;
|
||||
}
|
||||
}
|
||||
fclose($pipes[1]);
|
||||
$returnCode = proc_close($process);
|
||||
if ($returnCode != 0) {
|
||||
$outputMessages = htmlspecialchars($outputMessages);
|
||||
// Active Directory message translations
|
||||
if ((strpos($outputMessages, 'DSID-03190F80') !== false) && (strpos($outputMessages, 'unicodePwd') !== false)) {
|
||||
$outputMessages = _('Your password does not meet the password strength qualifications. Please retry with another one.') . '<br><br>' . $outputMessages;
|
||||
}
|
||||
logNewMessage(LOG_ERR, 'Changing user password failed: ' . $outputMessages);
|
||||
$return['messages'][] = array('ERROR', _('Unable to change password.'), $outputMessages);
|
||||
}
|
||||
else {
|
||||
// update session password for next page load
|
||||
$_SESSION['selfService_clientPasswordNew'] = $_POST['windowsUser_unicodePwd'];
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This method specifies if a module manages password attributes. The module alias will
|
||||
* then appear as option in the GUI.
|
||||
|
|
Loading…
Reference in New Issue