Context Navigation

source: extensions/Password_Policy/include/functions.inc.php @ 25050

Last change on this file since 25050 was 25050, checked in by Eric, 11 years ago
language files added
File size: 13.5 KB

Line
1	<?php
2
3	load_language('plugin.lang', PP_PATH);
4
5	/**
6	* Triggered on get_admin_plugin_menu_links
7	*
8	* Plugin's administration menu
9	*/
10	function PP_admin_menu($menu)
11	{
12	// +-----------------------------------------------------------------------+
13	// \| Getting plugin name \|
14	// +-----------------------------------------------------------------------+
15	$plugin = PPInfos(PP_PATH);
16	$name = $plugin['name'];
17
18	array_push($menu,
19	array(
20	'NAME' => $name,
21	'URL' => get_root_url().'admin.php?page=plugin-'.basename(PP_PATH)
22	)
23	);
24
25	return $menu;
26	}
27
28
29	/**
30	* Triggered on loc_begin_index
31	*
32	* Initiating GhostTracker - Perform user logout after registration if not validated
33	*/
34	function PP_Init()
35	{
36	global $conf, $user;
37
38	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
39
40	$conf_PP = unserialize($conf['PasswordPolicy']);
41
42	// Admins, Guests and Adult_Content users are excluded
43	// ---------------------------------------------------
44	if (!is_admin() and !is_a_guest() and $user['username'] != "16" and $user['username'] != "18")
45	{
46	// Perform user logout if user account is locked
47	if ((isset($conf_PP['LOGFAILBLOCK']) and $conf_PP['LOGFAILBLOCK'] == 'true')
48	and PP_UsrBlock_Verif($user['id'])
49	and !is_admin()
50	and !is_webmaster())
51	{
52	invalidate_user_cache();
53	logout_user();
54	if ( $conf['guest_access'] )
55	{
56	redirect( make_index_url().'?PP_msg=locked', 0);
57	}
58	else
59	{
60	redirect( get_root_url().'identification.php?PP_msg=locked' , 0);
61	}
62	}
63	}
64	}
65
66
67	/**
68	* Triggered on login_failure in main.inc.php
69	* Count of login failures and lock account after x attempt
70	*
71	*/
72	function PP_log_fail()
73	{
74	global $conf, $user;
75
76	$conf_PP = unserialize($conf['PasswordPolicy']);
77
78	if (
79	(isset($conf_PP['NBLOGFAIL']) and $conf_PP['NBLOGFAIL'] <> 0)
80	and (isset($conf_PP['LOGFAILBLOCK']) and $conf_PP['LOGFAILBLOCK'] == 'true')
81	and !is_admin()
82	and !is_webmaster()
83	)
84	{
85	// If login failure then increments loginfailcount value in database
86	$query = '
87	UPDATE '.USERS_TABLE.'
88	SET PP_loginfailcount = PP_loginfailcount+1
89	WHERE user_id = '.$userid.'
90	LIMIT 1
91	;';
92	pwg_query($query);
93
94	$query = '
95	SELECT PP_loginfailcount
96	FROM '.USERS_TABLE.'
97	WHERE user_id = '.$userid.'
98	;';
99
100	$datas = pwg_query($query);
101
102	// If number of failed logon exeeds 3, set the account as locked
103	if (isset($datas['PP_loginfailcount']) and $datas['PP_loginfailcount'] > $conf_PP['NBLOGFAIL'])
104	{
105	$query = '
106	UPDATE '.USERS_TABLE.'
107	SET PP_lock = "true"
108	WHERE user_id = '.$userid.'
109	LIMIT 1
110	;';
111	pwg_query($query);
112	}
113	}
114	}
115
116
117	/**
118	* PP_loc_visible_user_list
119	* Adds a new feature in user_list to allow password reset for selected users by admin
120	*
121	*/
122	function PP_loc_visible_user_list($visible_user_list)
123	{
124	global $template;
125
126	$template->append('plugin_user_list_column_titles', l10n('PP_PwdReset'));
127
128	$user_ids = array();
129
130	foreach ($visible_user_list as $i => $user)
131	{
132	$user_ids[$i] = $user['id'];
133	}
134
135	$user_nums = array_flip($user_ids);
136
137	// Query to get information in database
138	// ------------------------------------
139	if (!empty($user_ids))
140	{
141	$query = '
142	SELECT DISTINCT id, PP_pwdreset
143	FROM '.USERS_TABLE.'
144	WHERE id IN ('.implode(',', $user_ids).')
145	;';
146	$result = pwg_query($query);
147
148	while ($row = pwg_db_fetch_assoc($result))
149	{
150	if ($row['PP_pwdreset'] == 'false')
151	{
152	$pwdreset = l10n('PP_PwdReset_Done');
153	}
154	else if ($row['PP_pwdreset'] == 'true')
155	{
156	$pwdreset = l10n('PP_PwdReset_Todo');
157	}
158	else $pwdreset = l10n('PP_PwdReset_NA');
159
160	$visible_user_list[$user_nums[$row['id']]]['plugin_columns'][] = $pwdreset; // Shows users password state in user_list
161	}
162	}
163	return $visible_user_list;
164	}
165
166
167	/**
168	* Triggered on login_success
169	*
170	* Redirects a visitor (except for admins, webmasters and generic statuses) to his profile.php page if password reset is needed
171	*
172	*/
173	function PP_LoginTasks()
174	{
175	global $conf, $user;
176
177	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
178
179	$conf_PP = unserialize($conf['PasswordPolicy']);
180
181	// Performing redirection to profile page for password reset
182	// ---------------------------------------------------------
183	if ((isset($conf_PP['PWDRESET']) and $conf_PP['PWDRESET'] == 'true'))
184	{
185	$query ='
186	SELECT user_id, status
187	FROM '.USER_INFOS_TABLE.'
188	WHERE user_id = '.$user['id'].'
189	;';
190	$data = pwg_db_fetch_assoc(pwg_query($query));
191
192	if ($data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts
193	{
194	if (PP_check_pwdreset($user['id']))
195	{
196	redirect(PHPWG_ROOT_PATH.'profile.php');
197	}
198	}
199	}
200	}
201
202
203	/**
204	* Triggered on register_user_check
205	*
206	* Additional controls on user registration check
207	*/
208	function PP_RegistrationCheck($errors, $user)
209	{
210	global $conf;
211
212	// Exclusion of Adult_Content users
213	// --------------------------------
214	if ($user['username'] != "16" and $user['username'] != "18")
215	{
216	load_language('plugin.lang', PP_PATH);
217
218	$PasswordCheck = 0;
219
220	$conf_PP = unserialize($conf['PasswordPolicy']);
221
222	// Password enforcement control
223	// ----------------------------
224	if (isset($conf_PP['PASSWORDENF']) and $conf_PP['PASSWORDENF'] == 'true' and !empty($conf_PP['PASSWORD_SCORE']))
225	{
226	if (!empty($user['password']) and !is_admin())
227	{
228	$PasswordCheck = PP_testpassword($user['password']);
229
230	if ($PasswordCheck < $conf_PP['PASSWORD_SCORE'])
231	{
232	$message = get_l10n_args('PP_Error_Password_Need_Enforcement_%s', $PasswordCheck);
233	$lang['reg_err_pass'] = l10n_args($message).$conf_PP['PASSWORD_SCORE'];
234	array_push($errors, $lang['reg_err_pass']);
235	}
236	}
237	else if (!empty($user['password']) and is_admin() and isset($conf_PP['ADMINPASSWENF']) and $conf_PP['ADMINPASSWENF'] == 'true')
238	{
239	$PasswordCheck = PP_testpassword($user['password']);
240
241	if ($PasswordCheck < $conf_PP['PASSWORD_SCORE'])
242	{
243	$message = get_l10n_args('PP_Error_Password_Need_Enforcement_%s', $PasswordCheck);
244	$lang['reg_err_pass'] = l10n_args($message).$conf_PP['PASSWORD_SCORE'];
245	array_push($errors, $lang['reg_err_pass']);
246	}
247	}
248	}
249	}
250	}
251
252
253	/**
254	* Triggered on loc_begin_profile
255	*/
256	function PP_Profile_Init()
257	{
258	global $conf, $user, $template;
259
260	$conf_PP = unserialize($conf['PasswordPolicy']);
261
262	// Special message display for password reset
263	// ------------------------------------------
264	if ((isset($conf_PP['PWDRESET']) and $conf_PP['PWDRESET'] == 'true'))
265	{
266	if (PP_check_pwdreset($user['id']))
267	{
268	$template->append('errors', l10n('PP_Password_Reset_Msg'));
269	}
270	}
271
272	// Controls on profile page submission
273	// -----------------------------------
274	if (isset($_POST['validate']) and !is_admin())
275	{
276	// Password reset control
277	// ----------------------
278	if (isset($conf_PP['PWDRESET']) and $conf_PP['PWDRESET'] == 'true' and PP_check_pwdreset($user['id']))
279	{
280	// if password not changed then pwdreset field = true else pwdreset field = false
281	// ------------------------------------------------------------------------------
282	if (!empty($_POST['use_new_pwd']))
283	{
284	$query = '
285	UPDATE '.USERS_TABLE.'
286	SET PP_pwdreset = "false"
287	WHERE id = '.$user['id'].'
288	LIMIT 1
289	;';
290	pwg_query($query);
291	}
292	}
293
294	if (!empty($_POST['use_new_pwd']))
295	{
296	// Password enforcement control
297	// ----------------------------
298	if (isset($conf_PP['PASSWORDENF']) and $conf_PP['PASSWORDENF'] == 'true' and !empty($conf_PP['PASSWORD_SCORE']))
299	{
300	$PasswordCheck = PP_testpassword($_POST['use_new_pwd']);
301
302	if ($PasswordCheck < $conf_PP['PASSWORD_SCORE'])
303	{
304	$message = get_l10n_args('PP_Error_Password_Need_Enforcement_%s', $PasswordCheck);
305	$template->append('errors', l10n_args($message).$conf_PP['PASSWORD_SCORE']);
306	unset($_POST['use_new_pwd']);
307	unset($_POST['validate']);
308	}
309	}
310	}
311	}
312	}
313
314
315	/**
316	* PP_Set_PwdReset
317	* Action in user_list to set a password reset for a user
318	*/
319	function PP_Set_PwdReset($uid)
320	{
321	$query ='
322	UPDATE '.USERS_TABLE.'
323	SET PP_pwdreset = "true"
324	WHERE id = '.$uid.'
325	LIMIT 1
326	;';
327
328	pwg_query($query);
329	}
330
331
332	/**
333	* PP_check_pwdreset
334	* checks if a user id is registered as having already
335	* changed his password.
336	*
337	* @uid : the user id
338	*
339	* @returns : true or false whether the users has already changed his password
340	*
341	*/
342	function PP_check_pwdreset($uid)
343	{
344	$query = '
345	SELECT PP_pwdreset
346	FROM '.USERS_TABLE.'
347	WHERE id='.$uid.'
348	;';
349
350	$result = pwg_db_fetch_assoc(pwg_query($query));
351
352	if($result['PP_pwdreset'] == 'true')
353	{
354	return true;
355	}
356	else return false;
357	}
358
359
360	/**
361	* Returns a password's score for password complexity check
362	*
363	* @param : password filled by user
364	*
365	* @return : Score calculation
366	*
367	* Thanx to MathieuGut from http://m-gut.developpez.com
368	*/
369	function PP_testpassword($password) // $password given by user
370	{
371
372	// Variables initiation
373	// --------------------
374	$points = 0;
375	$point_lowercase = 0;
376	$point_uppercase = 0;
377	$point_numbers = 0;
378	$point_characters = 0;
379
380	// Getting password lengh
381	// ----------------------
382	$length = strlen($password);
383
384	// Loop to read password characters
385	for($i = 0; $i < $length; $i++)
386	{
387	// Select each letters
388	// $i is 0 at first turn
389	// ---------------------
390	$letters = $password[$i];
391
392	if ($letters>='a' && $letters<='z')
393	{
394	// Adding 1 point to score for a lowercase
395	// ---------------------------------------
396	$points = $points + 1;
397
398	// Adding bonus points for lowercase
399	// ---------------------------------
400	$point_lowercase = 1;
401	}
402	else if ($letters>='A' && $letters <='Z')
403	{
404	// Adding 2 points to score for uppercase
405	// --------------------------------------
406	$points = $points + 2;
407
408	// Adding bonus points for uppercase
409	// ---------------------------------
410	$point_uppercase = 2;
411	}
412	else if ($letters>='0' && $letters<='9')
413	{
414	// Adding 3 points to score for numbers
415	// ------------------------------------
416	$points = $points + 3;
417
418	// Adding bonus points for numbers
419	// -------------------------------
420	$point_numbers = 3;
421	}
422	else
423	{
424	// Adding 5 points to score for special characters
425	// -----------------------------------------------
426	$points = $points + 5;
427
428	// Adding bonus points for special characters
429	// ------------------------------------------
430	$point_characters = 5;
431	}
432	}
433
434	// Calculating the coefficient points/length
435	// -----------------------------------------
436	$step1 = $points / $length;
437
438	// Calculation of the diversity of character types...
439	// --------------------------------------------------
440	$step2 = $point_lowercase + $point_uppercase + $point_numbers + $point_characters;
441
442	// Multiplying the coefficient of diversity with that of the length
443	// ----------------------------------------------------------------
444	$score = $step1 * $step2;
445
446	// Multiplying the result by the length of the string
447	// --------------------------------------------------
448	$finalscore = $score * $length;
449
450	return $finalscore;
451	}
452
453
454	/**
455	* PP_UsrBlock_Verif
456	* Check if the user's account is locked
457	*
458	* @returns : True if account is locked else False
459	*/
460	function PP_UsrBlock_Verif($user_id)
461	{
462	global $conf;
463
464	$query = '
465	SELECT PP_Lock
466	FROM '.USERS_TABLE.'
467	WHERE id='.$user_id.'
468	;';
469
470	$result = pwg_db_fetch_assoc(pwg_query($query));
471
472	if($result['PP_Lock'] == 'true')
473	{
474	return true;
475	}
476	else return false;
477	}
478
479
480	/**
481	* Function called from PP_admin.php to get the plugin version and name
482	*
483	* @param : plugin directory
484	*
485	* @return : plugin's version and name
486	*
487	*/
488	function PPInfos($dir)
489	{
490	$path = $dir;
491
492	$plg_data = implode( '', file($path.'main.inc.php') );
493	if ( preg_match("\|Plugin Name: (.*)\|", $plg_data, $val) )
494	{
495	$plugin['name'] = trim( $val[1] );
496	}
497	if (preg_match("\|Version: (.*)\|", $plg_data, $val))
498	{
499	$plugin['version'] = trim($val[1]);
500	}
501	if ( preg_match("\|Plugin URI: (.*)\|", $plg_data, $val) )
502	{
503	$plugin['uri'] = trim($val[1]);
504	}
505	if ($desc = load_language('description.txt', $path.'/', array('return' => true)))
506	{
507	$plugin['description'] = trim($desc);
508	}
509	elseif ( preg_match("\|Description: (.*)\|", $plg_data, $val) )
510	{
511	$plugin['description'] = trim($val[1]);
512	}
513	if ( preg_match("\|Author: (.*)\|", $plg_data, $val) )
514	{
515	$plugin['author'] = trim($val[1]);
516	}
517	if ( preg_match("\|Author URI: (.*)\|", $plg_data, $val) )
518	{
519	$plugin['author uri'] = trim($val[1]);
520	}
521	if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid='))
522	{
523	list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);
524	if (is_numeric($extension)) $plugin['extension'] = $extension;
525	}
526	// IMPORTANT SECURITY !
527	// --------------------
528	$plugin = array_map('htmlspecialchars', $plugin);
529
530	return $plugin ;
531	}
532	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: