source: extensions/Password_Policy/main.inc.php @ 25050

Last change on this file since 25050 was 25050, checked in by Eric, 11 years ago

language files added

1<?php
2/*
3Plugin Name: Password Policy
4Version: 2.5.0
5Description: Renforcer la sécurité des mots de passe - Enforce password security
6Plugin URI: http://piwigo.org/ext/extension_view.php?eid=
7Author: Eric
8Author URI: http://www.infernoweb.net
9*/
10
11/* History:  PP_PATH.'Changelog.txt.php' */
12
// Refuse to run when this file is requested directly instead of being loaded by the gallery.
if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}

// PP_PATH is the plugin's own directory under PHPWG_PLUGINS_PATH, with a trailing slash.
if (!defined('PP_PATH'))
{
  define('PP_PATH', PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/');
}

global $conf;

include_once PP_PATH.'include/functions.inc.php';

load_language('plugin.lang', PP_PATH);

// Plugin settings are kept as a PHP-serialized value in $conf['PasswordPolicy'].
// NOTE(review): unserialize() will instantiate any class named in its input and
// run that class's magic methods, so this line is only as trustworthy as
// whatever can write the PasswordPolicy configuration value. Storing the
// settings as JSON, or (PHP 7+) passing array('allowed_classes' => false),
// removes that dependency. The result is also not checked: a missing or corrupt
// value leaves $conf_PP === false.
$conf_PP = unserialize($conf['PasswordPolicy']);
22
23
// Administration: entry for this plugin in the admin plugin menu.
add_event_handler('get_admin_plugin_menu_links', 'PP_admin_menu');

// Gallery index page: features and controls applied when a user connects.
add_event_handler('loc_begin_index', 'PP_Init');

// User registration check; the handler is registered with 2 accepted arguments.
add_event_handler(
  'register_user_check',
  'PP_RegistrationCheck',
  EVENT_HANDLER_PRIORITY_NEUTRAL,
  2
);

// The profile hook is only registered while the profile script is the one running.
if ('profile' == script_basename())
{
  add_event_handler('loc_begin_profile', 'PP_Profile_Init');
}

// After a successful login: tasks such as the redirection to the profile page.
add_event_handler(
  'login_success',
  'PP_LoginTasks',
  EVENT_HANDLER_PRIORITY_NEUTRAL,
  1
);
44
45// Add new feature in user_list - Password Reset
46// ---------------------------------------------
47if (isset($conf_PP['PWDRESET']) and $conf_PP['PWDRESET'] == 'true')
48{
49  // Add new column on user_list
50  // ---------------------------
51  add_event_handler('loc_visible_user_list', 'PP_loc_visible_user_list');
52
53  // Add prefilter on user_list
54  // --------------------------
55  add_event_handler('loc_begin_admin', 'PP_PwdReset_Action',60);
56
57  /**
58   * PP_PwdReset_Action - Triggered on PP_PwdReset_Action
59   * Handle password reset action in user_list.php
60   */
61  function PP_PwdReset_Action()
62  {
63    global $conf, $user, $template, $lang, $errors;
64
65    $page['errors'] = array();
66    $page['infos'] = array();
67    $page['filtered_users'] = array();
68
69    if (isset($_POST['pwdreset']))
70    {
71      $collection = array();
72
73      switch ($_POST['target'])
74      {
75        case 'all' :
76        {
77          foreach($page['filtered_users'] as $local_user)
78          {
79            array_push($collection, $local_user['id']);
80          }
81          break;
82        }
83        case 'selection' :
84        {
85          if (isset($_POST['selection']))
86          {
87            $collection = $_POST['selection'];
88          }
89          break;
90        }
91      }
92
93      if (count($collection) == 0)
94      {
95        array_push($page['errors'], l10n('Select at least one user'));
96      }
97    }
98
99    if (isset($_POST['pwdreset']) and count($collection) > 0)
100    {
101      if (in_array($conf['guest_id'], $collection))
102      {
103        array_push($page['errors'], l10n('PP_Guest cannot be pwdreset'));
104        $template->append('errors', l10n('PP_Guest cannot be pwdreset'));
105      }
106      if (($conf['guest_id'] != $conf['default_user_id']) and
107        in_array($conf['default_user_id'], $collection))
108      {
109        array_push($page['errors'], l10n('PP_Default user cannot be pwdreset'));
110        $template->append('errors', l10n('PP_Default user cannot be pwdreset'));
111      }
112      if (in_array($conf['webmaster_id'], $collection))
113      {
114        array_push($page['errors'], l10n('PP_Webmaster cannot be pwdreset'));
115        $template->append('errors', l10n('PP_Webmaster cannot be pwdreset'));
116      }
117      if (in_array($user['id'], $collection))
118      {
119        array_push($page['errors'], l10n('PP_You cannot pwdreset your account'));
120        $template->append('errors', l10n('PP_You cannot pwdreset your account'));
121      }
122
123      // Generic accounts exclusion (including Adult_Content generic users)
124      // ------------------------------------------------------------------
125      $query ='
126SELECT u.id
127FROM '.USERS_TABLE.' AS u
128INNER JOIN '.USER_INFOS_TABLE.' AS ui
129  ON u.id = ui.user_id
130WHERE ui.status = "generic"
131;';
132
133            $result = pwg_query($query);
134
135      while ($row = pwg_db_fetch_assoc($result))
136      {
137        if (in_array($row['id'], $collection))
138        {
139          array_push($page['errors'], l10n('PP_Generic cannot be pwdreset'));
140          $errors = l10n('PP_Generic cannot be pwdreset');
141        }
142      }
143
144      // Admins accounts exclusion
145      // --------------------------
146      $query ='
147SELECT u.id
148FROM '.USERS_TABLE.' AS u
149INNER JOIN '.USER_INFOS_TABLE.' AS ui
150  ON u.id = ui.user_id
151WHERE ui.status = "admin"
152;';
153
154            $result = pwg_query($query);
155
156      while ($row = pwg_db_fetch_assoc($result))
157      {
158        if (in_array($row['id'], $collection))
159        {
160          array_push($page['errors'], l10n('PP_Admins cannot be pwdreset'));
161          $errors = l10n('PP_Admins cannot be pwdreset');
162        }
163      }
164
165      $template->append('errors', $errors);
166
167      if (count($page['errors']) == 0)
168      {
169        if (isset($_POST['confirm_pwdreset']) and 1 == $_POST['confirm_pwdreset'])
170        {
171          foreach ($collection as $user_id)
172          {
173            PP_Set_PwdReset($user_id);
174          }
175          array_push(
176            $page['infos'],
177            l10n_dec(
178              'PP %d user pwdreseted', 'PP %d users pwdreseted',
179              count($collection)
180              )
181            );
182          $template->append('infos', l10n_dec(
183              'PP %d user pwdreseted', 'PP %d users pwdreseted',
184              count($collection)));
185          foreach ($page['filtered_users'] as $filter_key => $filter_user)
186          {
187            if (in_array($filter_user['id'], $collection))
188            {
189              unset($page['filtered_users'][$filter_key]);
190            }
191          }
192        }
193        else
194        {
195          array_push($page['errors'], l10n('PP_You need to confirm pwdreset'));
196          $template->append('errors', l10n('PP_You need to confirm pwdreset'));
197        }
198      }
199    }
200    $template->set_prefilter('user_list', 'PP_PwdReset_Prefilter');
201  }
202
203  /**
204   * PP_PwdReset_Prefilter
205   * Adds action field for password reset in user_list.tpl
206   */
207  function PP_PwdReset_Prefilter($content, &$smarty)
208  {
209    $search = '
210<fieldset>
211  <legend>{\'Deletions\'|@translate}</legend>
212  <label><input type="checkbox" name="confirm_deletion" value="1"> {\'confirm\'|@translate}</label>
213  <input class="submit" type="submit" value="{\'Delete selected users\'|@translate}" name="delete">
214</fieldset>
215';
216 
217    $addon = '
218<fieldset>
219  <legend>{\'PP_PwdReset\'|@translate}</legend>
220  <label><input type="checkbox" name="confirm_pwdreset" value="1"> {\'confirm\'|@translate}</label>
221  <input class="submit" type="submit" value="{\'PP_Password reset selected users\'|@translate}" name="pwdreset">
222</fieldset>
223';
224
225    $replacement = $addon.$search;
226
227    return str_replace($search, $replacement, $content);
228  }
229}
230
231
// Security option: count login failures and lock the account after x attempts.
// PP_log_fail is registered on the 'login_failure' event.
add_event_handler('login_failure', 'PP_log_fail');
235?>