source: extensions/NBC_UserAdvManager/trunk/main.inc.php @ 4124

Last change on this file since 4124 was 4124, checked in by Eric, 11 years ago

[NBC_UserAdvManager] pre 2.12.0 :

  • Adding of password enforcement control function
  • Main code refactory
  • French language file refactory
  • Admin panel refactory
  • Property svn:eol-style set to LF
File size: 14.1 KB
Line 
1<?php
2/*
3Plugin Name: NBC UserAdvManager
4Version: 2.11.5
5Description: Permet de renforcer les possibilités de gestion des utilisateurs - Enforce users management
6Plugin URI: http://fr.piwigo.org/ext/extension_view.php?eid=216
7Author: Nicco, Eric
8Author URI: http://gallery-nicco.no-ip.org, http://www.infernoweb.net
9*/
10
11/*
12 ***** Plugin history (branch 2.10)*****
13
14-- 2.10.0-beta : Initial beta release for Piwigo compatibility
15-- 2.10.1-beta : Small correction on generated path
16-- 2.10.2-beta : Bug resolved on register validation page
17
18-- 2.10.3 : Final and fully functional release
19                                                Bug resolved on plugin activation
20
21-- 2.10.4 : Bug fixed on profiles update
22
23-- 2.10.5 : Improved code on profiles update
24
25-- 2.10.6 : Old language packs (iso) deleted (forget from PWG 1.7.x version)
26
27-- 2.10.7 : Bug fixed on user's validation email sending
28
29-- 2.10.8 : ConfirmMail page looks better (Sylvia theme only)
30                                                Improved code for checking author on guest comments
31
32-- 2.10.9 : Bug fixed - Missing english translation
33                                                Bug fixed - Notice on forbidden characters function use
34                                                Bug fixed - Audit on forbidden characters in username didn't work
35                                                Adding of email provider exclusion (like *@hotmail.com) - Warning ! -> Known bug : This feature doesn't work on user profile page. So, already registered users can change their email address to a forbiden one.
36
37-- 2.10.9a : Email provider exclusion is no longer case sensitive
38
39-- 2.10.9b : Bug fixed - Home icon wasn't linked to gallery url in ConfirmMail page. If GALLERY_URL is not set, Home icon gets the pwg root path.
40
41-- 2.10.9c : Bug fixed - If Email provider exclusion is set off, new registered user will have a PHP notice on "Undefined variable: ncsemail"
42
43-- 2.10.9d : Code simplification - need no more ""template"" sub-directory in plugin directory for enhance "back link" icon in ConfirMail.tpl
44
45-- 2.10.9e : Compatibility improvement with PHP 5.3 - Some old functions will be deprecated like :
46                                                        ereg replaced by preg_match
47                                                        eregi replace by preg_match with "i" moderator
48                                                        split replace by preg_split
49                               
50-- 2.10.9f : Compatibility bug fixed when used with DynamicRecentPeriod plugin
51
52-- 2.11.0 : New tabsheet menu to manage ConfirMail functions (setting a timeout without validation, Cleanup expired user's accounts, Force confirmation, Renew validation key, list unvalidated users,...)
53                                                Beautify plugin's main admin panel
54                                               
55-- 2.11.1 : Bug fixed with install and upgrade functions
56                                                Language files correction
57
58-- 2.11.2 : Bug fixed on bad query for unvalidated users display in unvalidated users list
59                                                Bug fixed : Sql syntax error on plugin activation
60
61-- 2.11.3 : On Patricia's request (french forum and bug 1173), the unvalidated users management tab shows users according with the settings of unvalidated group and / or unvalidated status.
62                                                Feature 1172 : Email providers exclusion list can be set with CR/LF between each entry. The comma seperator (,) is still mandatory.
63                                                Bug 1175 fixed : Bad translation tag in french language file.
64                                                Improvement of unvalidated users management tab (feature 1174)- Expired users are displayed in red color text.
65
66-- 2.11.4 : Bug 1177 fixed : Width of excluded email providers list reset to ancient value (80 col)
67                                                Bug 1179 fixed : Adding a notice in plugin inline documentation for use of validation groups and status. A default group must be set in Piwigo's groups settings and the "Guest" (or another user) must be set as default for status values.
68                                                Bug 1182 fixed : Language tag missing in confirmation email generation
69
70-- 2.11.5 : Bug 1195 fixed : Registration displays the good title
71
72-- pre 2.12.0 : Bug 1206 fixed : All plugin functionnalities work in user's profile page
73            Plugin's core code and admin panel refactoring
74            Password control and enforcement : A complexity score is computed on user registration. If this score is less than the goal set by admin, the password choosen is rejected.
75*/
76
77/*
78
79 ***** TODO List *****
80
81++ No validation needed for admins users comments (new trigger needed in comments.php)
82
83++ No single email check for admins (new trigger needed in (functions_user.inc.php ?))
84
85++ Password control and enforcement
86  ?? Can not be the same as username -> Could password score control be sufficient ?
87 
88++ Security : Blocking brut-force attacks !
89
90++ Opportunity to copy a registered user for new user creation
91  ++ new copied user will (or not) belong to the same groups
92  ++ new copied user will (or not) get the same status (visitor, admin, webmaster, guest (??))
93  ++ new copied user will (or not) get the same properties
94  ++ new copied user will (or not) get the same language
95  ... and so on
96 
97*/
98
99
100if (!defined('PHPWG_ROOT_PATH'))
101{
102  die('Hacking attempt!');
103}
104
105define('NBC_UserAdvManager_DIR' , basename(dirname(__FILE__)));
106define('NBC_UserAdvManager_PATH' , PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/');
107
108include_once (NBC_UserAdvManager_PATH.'include/constants.php');
109include_once (NBC_UserAdvManager_PATH.'include/functions_UserAdvManager.inc.php');
110
111load_language('plugin.lang', NBC_UserAdvManager_PATH);
112
113
114/* Plugin admin */
115add_event_handler('get_admin_plugin_menu_links', 'nbc_UserAdvManager_admin_menu');
116
117function nbc_UserAdvManager_admin_menu($menu)
118{
119  array_push($menu,
120    array(
121      'NAME' => 'UserAdvManager',
122      'URL'  => get_admin_plugin_menu_link(NBC_UserAdvManager_PATH.'/admin/UserAdvManager_admin.php')
123    )
124  );
125
126  return $menu;
127}
128
129
130
131/* User creation */
132add_event_handler('register_user', 'UserAdvManager_Adduser');
133
134function UserAdvManager_Adduser($register_user)
135{
136  global $conf;
137 
138  $conf_nbc_UserAdvManager = isset($conf['nbc_UserAdvManager']) ? explode(";" , $conf['nbc_UserAdvManager']) : array();
139 
140  /* Sending registration confirmation by email */
141  if ((isset($conf_nbc_UserAdvManager[0]) and $conf_nbc_UserAdvManager[0] == 'true') or (isset($conf_nbc_UserAdvManager[2]) and $conf_nbc_UserAdvManager[2] == 'true'))
142  {
143    SendMail2User(1, $register_user['id'], $register_user['username'], $_POST['password'], $register_user['email'], true);
144  }
145}
146
147
148
149/* User deletion */
150add_event_handler('delete_user', 'UserAdvManager_Deluser');
151
152function UserAdvManager_Deluser($user_id)
153{
154  DeleteConfirmMail($user_id);
155}
156
157
158/* Check users registration */
159add_event_handler('register_user_check', 'UserAdvManager_RegistrationCheck', EVENT_HANDLER_PRIORITY_NEUTRAL, 2);
160
161function UserAdvManager_RegistrationCheck($err, $user)
162{
163  global $errors, $conf;
164
165  $PasswordCheck = 0;
166 
167  $conf_nbc_UserAdvManager = isset($conf['nbc_UserAdvManager']) ? explode(";" , $conf['nbc_UserAdvManager']) : array();
168
169  /* Password enforcement control */
170  if (isset($conf_nbc_UserAdvManager[14]) and $conf_nbc_UserAdvManager[14] == 'true' and !empty($conf_nbc_UserAdvManager[15]))
171  {
172    if (!empty($user['password']) and !is_admin())
173    {
174      $PasswordCheck = testpassword($user['password']);
175 
176      if ($PasswordCheck < $conf_nbc_UserAdvManager[15])
177      {
178        $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);
179        return($lang['reg_err_pass'] = l10n_args($message).$conf_nbc_UserAdvManager[15]);
180      }
181    }
182    else if (!empty($user['password']) and is_admin() and isset($conf_nbc_UserAdvManager[16]) and $conf_nbc_UserAdvManager[16] == 'true')
183    { 
184      $PasswordCheck = testpassword($user['password']);
185 
186      if ($PasswordCheck < $conf_nbc_UserAdvManager[15])
187      {
188        $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);
189        return($lang['reg_err_pass'] = l10n_args($message).$conf_nbc_UserAdvManager[15]);
190      }
191    }
192  }
193
194  /* Username non case sensitive */
195  if (isset($conf_nbc_UserAdvManager[1]) and $conf_nbc_UserAdvManager[1] == 'true')
196  {
197    $new_username =  NotSensibleSearchUsername($_POST['login']);
198    $_POST['login'] = $new_username == '' ? $_POST['login'] : $new_username;
199  }
200
201  /* Username without forbidden keys */
202  if (isset($conf_nbc_UserAdvManager[7]) and $conf_nbc_UserAdvManager[7] == 'true' and !empty($_POST['login']) and !ValidateUsername($_POST['login']))
203  {
204    $_POST['login'] = '';
205    return($lang['reg_err_login1'] = l10n('reg_err_login6')."'".$conf_nbc_UserAdvManager[8]."'");
206  }
207
208  /* Email without forbidden domains */
209  if (isset($conf_nbc_UserAdvManager[12]) and $conf_nbc_UserAdvManager[12] == 'true' and !empty($_POST['mail_address']) and !ValidateEmailProvider($_POST['mail_address']))
210  {
211    $_POST['login'] = '';
212    return($lang['reg_err_login1'] = l10n('reg_err_login7')."'".$conf_nbc_UserAdvManager[13]."'");
213  }
214}
215
216
217if (script_basename() == 'profile')
218{
219  add_event_handler('loc_begin_profile', 'UserAdvManager_Profile_Init');
220
221  function UserAdvManager_Profile_Init()
222  {
223    global $conf, $user, $template;
224
225    $conf_nbc_UserAdvManager = isset($conf['nbc_UserAdvManager']) ? explode(";" , $conf['nbc_UserAdvManager']) : array();
226
227    if (isset($_POST['validate']))
228    {
229      /* Email without forbidden domains */
230      if (isset($conf_nbc_UserAdvManager[12]) and $conf_nbc_UserAdvManager[12] == 'true' and !empty($_POST['mail_address']))
231      {
232        if (!ValidateEmailProvider($_POST['mail_address']))
233        {
234          $template->append('errors', l10n('reg_err_login7')."'".$conf_nbc_UserAdvManager[13]."'");
235          unset($_POST['validate']);
236        }
237      }
238
239      $typemail = 3;
240     
241      if (!empty($_POST['use_new_pwd']))
242      {
243        $typemail = 2;
244       
245        /* Password enforcement control */
246        if (isset($conf_nbc_UserAdvManager[14]) and $conf_nbc_UserAdvManager[14] == 'true' and !empty($conf_nbc_UserAdvManager[15]))
247        {
248          $PasswordCheck = testpassword($_POST['use_new_pwd']);
249         
250          if ($PasswordCheck < $conf_nbc_UserAdvManager[15])
251          {
252            $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);
253            $template->append('errors', l10n_args($message).$conf_nbc_UserAdvManager[15]);
254            unset($_POST['use_new_pwd']);
255            unset($_POST['validate']);
256          }
257        }
258      }
259     
260      /* Sending registration confirmation by email */
261      if (( isset($conf_nbc_UserAdvManager[0]) and $conf_nbc_UserAdvManager[0] == 'true') or ( isset($conf_nbc_UserAdvManager[2]) and $conf_nbc_UserAdvManager[2] == 'true'))
262      {
263        $confirm_mail_need = false;
264             
265        if (!empty($_POST['mail_address']) and ValidateEmailProvider($_POST['mail_address']))
266        {
267          $query = '
268            SELECT '.$conf['user_fields']['email'].' AS email
269              FROM '.USERS_TABLE.'
270            WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
271            ;';
272         
273          list($current_email) = mysql_fetch_row(pwg_query($query));
274     
275          if ( $_POST['mail_address'] != $current_email and ( isset($conf_nbc_UserAdvManager[2]) and $conf_nbc_UserAdvManager[2] == 'true') )
276       
277            $confirm_mail_need = true;
278        }
279       
280        if ((!empty($_POST['use_new_pwd']) and ( isset($conf_nbc_UserAdvManager[0]) and $conf_nbc_UserAdvManager[0] == 'true') or $confirm_mail_need) )
281        {
282          $query = '
283            SELECT '.$conf['user_fields']['username'].'
284              FROM '.USERS_TABLE.'
285            WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
286            ;';
287       
288          list($username) = mysql_fetch_row(pwg_query($query));
289
290          SendMail2User($typemail, $user['id'], $username, $_POST['use_new_pwd'], $_POST['mail_address'], $confirm_mail_need);
291        }
292      }
293    }
294  }
295}
296
297
298add_event_handler('init', 'UserAdvManager_InitPage');
299 
300function UserAdvManager_InitPage()
301{
302  load_language('plugin.lang', NBC_UserAdvManager_PATH);
303  global $conf, $template, $page, $lang, $errors;
304
305  $conf_nbc_UserAdvManager = isset($conf['nbc_UserAdvManager']) ? explode(";" , $conf['nbc_UserAdvManager']) : array();
306 
307  /* Username non case sensitive */
308  if (isset($conf_nbc_UserAdvManager[1]) and $conf_nbc_UserAdvManager[1] == 'true')
309  {
310    $lang['reg_err_login5'] = l10n('reg_err_login5');
311  }
312 
313
314 
315/* User identification */
316  if (script_basename() == 'identification')
317  {
318    if (isset($_POST['login']))
319    {
320      /* User non case sensitive */
321      if (isset($conf_nbc_UserAdvManager[1]) and $conf_nbc_UserAdvManager[1] == 'true' )
322      {
323        $new_username =  NotSensibleSearchUsername($_POST['username']);
324        $_POST['username'] = $new_username == '' ? $_POST['username'] : $new_username;
325      }
326    }
327  }
328
329
330/* Admin user management */
331  if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list')
332  {
333    if (isset($_POST['submit_add']))
334    {
335      /* User non case sensitive */
336      if (isset($conf_nbc_UserAdvManager[1]) and $conf_nbc_UserAdvManager[1] == 'true' )
337      {
338        $new_username =  NotSensibleSearchUsername($_POST['login']);
339        $_POST['login'] = $new_username == '' ? $_POST['login'] : $new_username;
340      }
341
342      /* Username without forbidden keys */
343      if (isset($conf_nbc_UserAdvManager[7]) and $conf_nbc_UserAdvManager[7] == 'true' and !empty($_POST['login']) and !ValidateUsername($_POST['login']))
344      {
345        $template->append('errors', l10n('reg_err_login6')."'".$conf_nbc_UserAdvManager[8]."'");
346        unset($_POST['submit_add']);
347      }
348
349      /* Email without forbidden domains */
350      if (isset($conf_nbc_UserAdvManager[12]) and $conf_nbc_UserAdvManager[12] == 'true' and !empty($_POST['email']) and !ValidateEmailProvider($_POST['email']))
351      {
352        $template->append('errors', l10n('reg_err_login7')."'".$conf_nbc_UserAdvManager[13]."'");
353        unset($_POST['submit_add']);
354      }
355    }
356  }
357}
358
359add_event_handler('user_comment_check', 'UserAdvManager_CheckEmptyCommentAuthor', 50, 2);
360
361function UserAdvManager_CheckEmptyCommentAuthor($comment_action, $comm)
362{
363  load_language('plugin.lang', NBC_UserAdvManager_PATH);
364  global $infos, $conf, $template;
365
366  $conf_nbc_UserAdvManager = isset($conf['nbc_UserAdvManager']) ? explode(";" , $conf['nbc_UserAdvManager']) : array();
367
368/* User creation OR update */
369  if (isset($conf_nbc_UserAdvManager[6]) and $conf_nbc_UserAdvManager[6] == 'true' and $conf['comments_forall'] == 'true' and $comm['author'] == 'guest')
370  {
371    $comment_action = 'reject';
372
373    array_push($infos, l10n('UserAdvManager_Empty Author'));
374  }
375
376  return $comment_action;
377}
378
379?>
Note: See TracBrowser for help on using the repository browser.