Changeset 25089
- Timestamp:
- Oct 23, 2013, 5:24:35 PM (11 years ago)
- Location:
- extensions/Password_Policy
- Files:
-
- 3 added
- 8 edited
extensions/Password_Policy/admin/PP_admin.php
r25050 r25089 34 34 35 35 36 if (isset($_POST['submit']) and isset($_POST['PP_Password_Enforced']) and isset($_POST['PP_AdminPassword_Enforced']) and isset($_POST['PP_PwdReset'])) 36 // +----------------------------------------------------------+ 37 // | FCK Editor for email text fields | 38 // +----------------------------------------------------------+ 39 $toolbar = 'Basic'; 40 $width = '750px'; 41 $height = '300px'; 42 $areas = array(); 43 array_push($areas,'PP_CustomLockMsg'); 44 45 if (function_exists('set_fckeditor_instance')) 46 { 47 $fcke_config = unserialize($conf['FCKEditor']); 48 foreach($areas as $area) 37 49 { 50 if (!isset($fcke_config[$area])) 51 { 52 $fcke_config[$area] = false; 53 } 54 } 55 $conf['FCKEditor'] = serialize($fcke_config); 56 57 set_fckeditor_instance($areas, $toolbar, $width, $height); 58 } 59 60 61 if (isset($_POST['submit']) and isset($_POST['PP_Password_Enforced']) and isset($_POST['PP_AdminPassword_Enforced']) and isset($_POST['PP_PwdReset']) and isset($_POST['PP_LogFailedPassw'])) 62 { 63 $_POST['PP_CustomLockMsg'] = str_replace('\"', '"', str_replace("\'", "'", str_replace("\\\\", "\\", $_POST['PP_CustomLockMsg']))); 38 64 // Save global PP configuration 39 65 // ----------------------------- … … 43 69 $newconf_PP['ADMINPASSWENF'] = (isset($_POST['PP_AdminPassword_Enforced']) ? $_POST['PP_AdminPassword_Enforced'] : 'false'); 44 70 $newconf_PP['PWDRESET'] = (isset($_POST['PP_PwdReset']) ? $_POST['PP_PwdReset'] : 'false'); 71 $newconf_PP['LOGFAILBLOCK'] = (isset($_POST['PP_LogFailedPassw']) ? $_POST['PP_LogFailedPassw'] : 'false'); 72 $newconf_PP['NBLOGFAIL'] = (isset($_POST['PP_NbFailedPassw']) ? $_POST['PP_NbFailedPassw'] : '0'); 73 $newconf_PP['USRLOCKEDTXT'] = (isset($_POST['PP_CustomLockMsg']) ? $_POST['PP_CustomLockMsg'] : l10n('PP_User_Account_Locked_Txt')); 45 74 46 75 $conf['PasswordPolicy'] = serialize($newconf_PP); … … 82 111 'PP_PWDRESET_FALSE' => $conf_PP['PWDRESET']=='false' ? 
'checked="checked"' : '' , 83 112 'PP_PASSWORD_TEST_SCORE' => $PP_Password_Test_Score, 113 'PP_LOGFAILEDPASSW_TRUE' => $conf_PP['LOGFAILBLOCK']=='true' ? 'checked="checked"' : '' , 114 'PP_LOGFAILEDPASSW_FALSE' => $conf_PP['LOGFAILBLOCK']=='false' ? 'checked="checked"' : '' , 115 'PP_NBLOGFAIL' => $conf_PP['NBLOGFAIL'], 116 'PP_USRLOCKEDTXT' => $conf_PP['USRLOCKEDTXT'] 84 117 ) 85 118 ); -
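Review bot: `PP_NbFailedPassw` is copied from `$_POST` into `$newconf_PP['NBLOGFAIL']` with no numeric validation, yet that value later decides when an account is locked (the `>= $conf_PP['NBLOGFAIL']` comparison in PP_log_fail), so an empty or non-numeric submission ends up loosely compared against the failure counter. Normalise it on save, e.g. `$newconf_PP['NBLOGFAIL'] = isset($_POST['PP_NbFailedPassw']) ? max(0, (int) $_POST['PP_NbFailedPassw']) : 0;`. `PP_CustomLockMsg` is also stored as submitted and later pushed into `$page["errors"]` by PP_DisplayMsg, so a comment stating that this field is trusted administrator HTML would help the next maintainer. The three chained `str_replace` calls on that field hand-roll an un-slashing step; if that is the intent, a short comment saying why `stripslashes()` was not used would avoid confusion. The enclosing `if` block continues outside the visible hunks.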
extensions/Password_Policy/admin/template/PP_admin.tpl
r25050 r25089 4 4 {combine_css path= $PP_PATH|@cat:'admin/template/pp.css'} 5 5 6 <script type="text/javascript"> 6 {footer_script}{literal} 7 7 jQuery().ready(function() 8 {ldelim} 8 { 9 jQuery("#PP_LoginAttempts_true").click(function() { 10 jQuery("#PP_USRLOCKEDTXT").show("slow"); 11 }); 12 jQuery("#PP_LoginAttempts_false").click(function() { 13 jQuery("#PP_USRLOCKEDTXT").hide("slow"); 14 }); 15 16 9 17 jQuery('.cluetip').cluetip( 10 { ldelim}11 width: 5 00,18 { 19 width: 550, 12 20 splitTitle: '|' 13 {rdelim}); 14 {rdelim}); 15 </script> 21 }); 22 }); 23 {/literal}{/footer_script} 24 16 25 17 26 <div class="titrePage"> … … 69 78 </label> 70 79 </li> 80 81 <li> 82 <label class="cluetip" title="{'PP_LoginAttempts'|translate}|{'PP_LoginAttempts_d'|translate}"> 83 {'PP_LoginAttempts'|@translate} 84 </label> 85 86 <label for="PP_LoginAttempts_false"><input id="PP_LoginAttempts_false" value="false" {$PP_LOGFAILEDPASSW_FALSE} name="PP_LogFailedPassw" type="radio"/> 87 {'PP_Disable'|@translate} 88 </label> 89 <label for="PP_LoginAttempts_true"><input id="PP_LoginAttempts_true" value="true" {$PP_LOGFAILEDPASSW_TRUE} name="PP_LogFailedPassw" type="radio"/> 90 {'PP_Enable'|@translate} 91 </label> 92 </li> 93 94 <ul> 95 <li id="PP_USRLOCKEDTXT" {if $PP_LOGFAILEDPASSW_FALSE} style="display: none"{/if}> 96 <label class="cluetip" title="{'PP_Max number of failed attempts'|translate}|{'PP_Max number of failed attempts_d'|translate}"> 97 {'PP_Max number of failed attempts'|@translate} <input type="text" name="PP_NbFailedPassw" value="{$PP_NBLOGFAIL}" size="5" style="text-align: center;"/> 98 </label> 99 <br /> 100 <label class="cluetip" title="{'PP_UserLocked_Custom_Txt'|translate}|{'PP_UserLocked_Custom_Txt_d'|translate}"> 101 {'PP_UserLocked_Custom_Txt'|@translate} 102 </label> 103 <textarea class="pp_textfields" name="PP_CustomLockMsg" id="PP_CustomLockMsg" rows="10" {$TAG_INPUT_ENABLED}>{$PP_USRLOCKEDTXT}</textarea> 104 {if 'FCK_PATH'|@defined} 105 <div 
style="text-align:right;"> 106 <a href="#" onClick="toogleEditor('PP_CustomLockMsg'); return false;">FCK Editor On/Off</a> 107 </div> 108 {/if} 109 </li> 110 </ul> 71 111 </ul> 72 112 -
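Review bot: The new `value="{$PP_NBLOGFAIL}"` attribute and the `<textarea>` body `{$PP_USRLOCKEDTXT}` print stored configuration values with no escape modifier, so a value containing `"` or `</textarea>` would break out of the markup on the admin page unless escaping is applied somewhere not visible here. Escaping at the output site keeps the form robust: `value="{$PP_NBLOGFAIL|escape:'html'}"` and `>{$PP_USRLOCKEDTXT|escape:'html'}</textarea>`. Separately, the new `<ul>` holding `#PP_USRLOCKEDTXT` sits directly inside the outer `<ul>` rather than inside an `<li>`, which is invalid list nesting.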
extensions/Password_Policy/admin/template/pp.css
r25028 r25089 17 17 margin-bottom: 5px; 18 18 } 19 20 textarea.pp_textfields 21 { 22 width: 70%; 23 } -
extensions/Password_Policy/include/functions.inc.php
r25050 r25089 30 30 * Triggered on loc_begin_index 31 31 * 32 * Initiating GhostTracker - Perform user logout after registration if not validated32 * Initiating GhostTracker - Perform user logout after registration if account locked 33 33 */ 34 34 function PP_Init() … … 45 45 { 46 46 // Perform user logout if user account is locked 47 if ((isset($conf_PP['LOGFAILBLOCK']) and $conf_PP['LOGFAILBLOCK'] == 'true') 48 and PP_UsrBlock_Verif($user['id']) 49 and !is_admin() 50 and !is_webmaster()) 47 if ( 48 (isset($conf_PP['LOGFAILBLOCK']) and $conf_PP['LOGFAILBLOCK'] == 'true') 49 and PP_UsrBlock_Verif($user['username']) 50 and !is_admin() 51 and !is_webmaster() 52 ) 51 53 { 52 54 invalidate_user_cache(); 53 55 logout_user(); 54 if ( $conf['guest_access'])55 { 56 redirect( 56 if ($conf['guest_access']) 57 { 58 redirect(make_index_url().'?PP_msg=locked', 0); 57 59 } 58 60 else 59 61 { 60 redirect( get_root_url().'identification.php?PP_msg=locked' , 0); 61 } 62 redirect(get_root_url().'identification.php?PP_msg=locked' , 0); 63 } 64 } 65 } 66 } 67 68 69 /** 70 * Triggered on init 71 * 72 * Displays messages on index page 73 */ 74 function PP_InitPage() 75 { 76 global $conf, $template, $page, $lang, $errors; 77 78 load_language('plugin.lang', PP_PATH); 79 80 if( isset($_GET['PP_msg'])) 81 { 82 PP_DisplayMsg(); 83 } 84 } 85 86 87 /** 88 * Triggered on init 89 * 90 * Display a message according to $_GET['PP_msg'] 91 */ 92 function PP_DisplayMsg() 93 { 94 if (isset($_GET['PP_msg'])) 95 { 96 global $user, $lang, $conf, $page; 97 $conf_PP = unserialize($conf['PasswordPolicy']); 98 99 // User account locked after x failed attempts 100 if (isset($conf_PP['USRLOCKEDTXT']) and !empty($conf_PP['USRLOCKEDTXT']) and $_GET['PP_msg']=="locked") 101 { 102 if (function_exists('get_user_language_desc'))// Extended Description [lang] feature 103 { 104 $custom_text = get_user_language_desc($conf_PP['USRLOCKEDTXT']); 105 } 106 else $custom_text = l10n($conf_PP['USRLOCKEDTXT']); 107 108 
$page["errors"][]=$custom_text; 62 109 } 63 110 } … … 70 117 * 71 118 */ 72 function PP_log_fail( )119 function PP_log_fail($username) 73 120 { 74 121 global $conf, $user; 122 123 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 75 124 76 125 $conf_PP = unserialize($conf['PasswordPolicy']); … … 87 136 UPDATE '.USERS_TABLE.' 88 137 SET PP_loginfailcount = PP_loginfailcount+1 89 WHERE user _id = '.$userid.'138 WHERE username = "'.stripslashes($username).'" 90 139 LIMIT 1 91 140 ;'; … … 95 144 SELECT PP_loginfailcount 96 145 FROM '.USERS_TABLE.' 97 WHERE user _id = '.$userid.'98 ;'; 99 100 $datas = pwg_ query($query);101 102 // If number of failed logon exeeds 3, set the account as locked103 if (isset($datas['PP_loginfailcount']) and $datas['PP_loginfailcount'] > $conf_PP['NBLOGFAIL'])146 WHERE username = "'.stripslashes($username).'" 147 ;'; 148 149 $datas = pwg_db_fetch_assoc(pwg_query($query)); 150 151 // If number of failed logon exeeds $conf_PP['NBLOGFAIL'], set the account as locked 152 if (isset($datas['PP_loginfailcount']) and $datas['PP_loginfailcount'] >= $conf_PP['NBLOGFAIL']) 104 153 { 105 154 $query = ' 106 155 UPDATE '.USERS_TABLE.' 
107 156 SET PP_lock = "true" 108 WHERE user _id = '.$userid.'157 WHERE username = "'.stripslashes($username).'" 109 158 LIMIT 1 110 159 ;'; 111 160 pwg_query($query); 112 } 113 } 114 } 115 116 117 /** 118 * PP_loc_visible_user_list 161 162 } 163 } 164 } 165 166 167 /** 168 * PP_user_list_pwdreset 119 169 * Adds a new feature in user_list to allow password reset for selected users by admin 120 170 * 121 171 */ 122 function PP_ loc_visible_user_list($visible_user_list)172 function PP_user_list_pwdreset($visible_user_list) 123 173 { 124 174 global $template; 175 176 load_language('plugin.lang', PP_PATH); 125 177 126 178 $template->append('plugin_user_list_column_titles', l10n('PP_PwdReset')); … … 166 218 167 219 /** 220 * PP_user_list_locked 221 * Adds a new feature in user_list to allow password reset for selected users by admin 222 * 223 */ 224 function PP_user_list_locked($visible_user_list) 225 { 226 global $template; 227 228 load_language('plugin.lang', PP_PATH); 229 230 $template->append('plugin_user_list_column_titles', l10n('PP_LockedUsers')); 231 232 $user_ids = array(); 233 234 foreach ($visible_user_list as $i => $user) 235 { 236 $user_ids[$i] = $user['id']; 237 } 238 239 $user_nums = array_flip($user_ids); 240 241 // Query to get information in database 242 // ------------------------------------ 243 if (!empty($user_ids)) 244 { 245 $query = ' 246 SELECT DISTINCT id, PP_lock 247 FROM '.USERS_TABLE.' 
248 WHERE id IN ('.implode(',', $user_ids).') 249 ;'; 250 $result = pwg_query($query); 251 252 while ($row = pwg_db_fetch_assoc($result)) 253 { 254 if ($row['PP_lock'] == 'false') 255 { 256 $LockedUser = '<img src="'.PP_PATH.'admin/template/icons/nolock.png" title="'.l10n('PP_User Not Locked').'" alt="'.l10n('PP_User Not Locked').'"/>'; 257 } 258 else if ($row['PP_lock'] == 'true') 259 { 260 $LockedUser = '<img src="'.PP_PATH.'admin/template/icons/lock.png" title="'.l10n('PP_User Locked').'" alt="'.l10n('PP_User Locked').'"/>'; 261 } 262 else $LockedUser = '<img src="'.PP_PATH.'admin/template/icons/nolock.png" title="'.l10n('PP_User Not Locked').'" alt="'.l10n('PP_User Not Locked').'"/>'; 263 264 $visible_user_list[$user_nums[$row['id']]]['plugin_columns'][] = $LockedUser; // Shows users account state in user_list 265 } 266 } 267 return $visible_user_list; 268 } 269 270 271 /** 168 272 * Triggered on login_success 169 273 * … … 178 282 179 283 $conf_PP = unserialize($conf['PasswordPolicy']); 284 285 // Perfoming redirection for locked accounts 286 // ----------------------------------------- 287 if (!is_admin() and !is_a_guest() and $user['username'] != "16" and $user['username'] != "18") 288 { 289 // Perform user logout if user account is locked 290 if ((isset($conf_PP['LOGFAILBLOCK']) and $conf_PP['LOGFAILBLOCK'] == 'true') 291 and PP_UsrBlock_Verif($user['username']) 292 and !is_admin() 293 and !is_webmaster()) 294 { 295 invalidate_user_cache(); 296 logout_user(); 297 if ($conf['guest_access']) 298 { 299 redirect(make_index_url().'?PP_msg=locked', 0); 300 } 301 else 302 { 303 redirect(get_root_url().'identification.php?PP_msg=locked' , 0); 304 } 305 } 306 } 180 307 181 308 // Performing redirection to profile page for password reset … … 227 354 { 228 355 $PasswordCheck = PP_testpassword($user['password']); 229 356 230 357 if ($PasswordCheck < $conf_PP['PASSWORD_SCORE']) 231 358 { … … 238 365 { 239 366 $PasswordCheck = PP_testpassword($user['password']); 240 367 
241 368 if ($PasswordCheck < $conf_PP['PASSWORD_SCORE']) 242 369 { … … 247 374 } 248 375 } 376 return $errors; 249 377 } 250 378 } … … 257 385 { 258 386 global $conf, $user, $template; 387 388 load_language('plugin.lang', PP_PATH); 259 389 260 390 $conf_PP = unserialize($conf['PasswordPolicy']); … … 458 588 * @returns : True if account is locked else False 459 589 */ 460 function PP_UsrBlock_Verif($user _id)590 function PP_UsrBlock_Verif($username) 461 591 { 462 592 global $conf; … … 465 595 SELECT PP_Lock 466 596 FROM '.USERS_TABLE.' 467 WHERE id='.$user_id.'597 WHERE username = "'.stripslashes($username).'" 468 598 ;'; 469 599 … … 475 605 } 476 606 else return false; 607 } 608 609 610 /** 611 * PP_unlock_user 612 * Action in user_list to unlock a user 613 */ 614 function PP_unlock_user($uid) 615 { 616 // Reset PP_loginfailcount value to 0 617 $query =' 618 UPDATE '.USERS_TABLE.' 619 SET PP_loginfailcount = 0 620 WHERE id = '.$uid.' 621 LIMIT 1 622 ;'; 623 624 pwg_query($query); 625 626 // Set account as unlocked 627 $query =' 628 UPDATE '.USERS_TABLE.' 629 SET PP_lock = "false" 630 WHERE id = '.$uid.' 631 LIMIT 1 632 ;'; 633 634 pwg_query($query); 477 635 } 478 636 … … 530 688 return $plugin ; 531 689 } 690 691 692 /** 693 * Useful for debugging - 4 vars can be set 694 * Output result to log.txt file 695 * 696 */ 697 function PPLog($var1, $var2, $var3, $var4) 698 { 699 $fo=fopen (PP_PATH.'log.txt','a') ; 700 fwrite($fo,"======================\n") ; 701 fwrite($fo,'le ' . date('D, d M Y H:i:s') . "\r\n"); 702 fwrite($fo,$var1 ."\r\n") ; 703 fwrite($fo,$var2 ."\r\n") ; 704 fwrite($fo,$var3 ."\r\n") ; 705 fwrite($fo,$var4 ."\r\n") ; 706 fclose($fo) ; 707 } 532 708 ?> -
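Review bot: The queries in PP_log_fail and PP_UsrBlock_Verif build `WHERE username = "'.stripslashes($username).'"` by concatenation, and `stripslashes()` removes escaping rather than adding it, so the login name from a failed login attempt reaches the SQL text unescaped whatever the caller did beforehand. Escape at the point of use instead, e.g. `WHERE username = \''.pwg_db_real_escape_string($username).'\'`, in all four statements. PP_unlock_user follows the same pattern with `WHERE id = '.$uid.'`; an `(int) $uid` cast before building the query would be enough there. The new PPLog helper appends to `PP_PATH.'log.txt'`, which appears to sit inside the plugin directory and may be served by the web server, so it should be dropped or pointed at a non-public path before release. Several of these function bodies continue outside the visible hunks.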
extensions/Password_Policy/language/en_UK/plugin.lang.php
r25051 r25089 6 6 $lang['PP_Disable'] = ' Disable (default)'; 7 7 $lang['PP_Enable'] = ' Enable '; 8 $lang['PP_Support_txt'] = 'The official support on this plugin is only on these Piwigo forum topic:<br >8 $lang['PP_Support_txt'] = 'The official support on this plugin is only on these Piwigo forum topic:<br/> 9 9 <a href="http://piwigo.org/forum/viewtopic.php?id=" onclick="window.open(this.href);return false;">English forum - http://piwigo.org/forum/viewtopic.php?id=</a>'; 10 10 $lang['PP_PasswordTest'] = 'Score calculation'; 11 11 $lang['PP_ScoreTest'] = 'Result: '; 12 12 $lang['PP_Error_Password_Mandatory'] = 'Security : Password is mandatory !'; 13 $lang['PP_Error_Password_Need_Enforcement_%s'] = 'Security : A control system calculates a score on the chosen passwords complexity. The complexity of your password is too low (score = %s). Please, choose a new password more secure by following these rules:<br >14 - Use letters and numbers<br >15 - Use lowercase and uppercase<br >16 - Increase its length (number of characters)<br >13 $lang['PP_Error_Password_Need_Enforcement_%s'] = 'Security : A control system calculates a score on the chosen passwords complexity. The complexity of your password is too low (score = %s). Please, choose a new password more secure by following these rules:<br/> 14 - Use letters and numbers<br/> 15 - Use lowercase and uppercase<br/> 16 - Increase its length (number of characters)<br/> 17 17 The minimum passwords score required by the administrator is: '; 18 18 $lang['PP_Password_Enforced'] = 'Strengthening the security level of passwords'; … … 36 36 $lang['PP_passwtestTitle'] = 'Testing the complexity of a password'; 37 37 $lang['PP_passwtestTitle_d'] = 'Enter the password to test and then click on "Score calculation" to see the result.'; 38 $lang['PP_passwTitle_d'] = 'Enabling this option makes mandatory the seizure of a password upon registration, and requires the password chosen by the visitor to meet a minimum level of complexity. 
If the threshold is not reached, the score achieved and the minimum score to be achieved are displayed, along with recommendations to increase the value of this score.<br ><br>39 There is field test to measure the complexity of a password, and can afford to get an idea of the score to define complex custom.<br ><br>38 $lang['PP_passwTitle_d'] = 'Enabling this option makes mandatory the seizure of a password upon registration, and requires the password chosen by the visitor to meet a minimum level of complexity. If the threshold is not reached, the score achieved and the minimum score to be achieved are displayed, along with recommendations to increase the value of this score.<br/><br/> 39 There is field test to measure the complexity of a password, and can afford to get an idea of the score to define complex custom.<br/><br/> 40 40 Note: The score of a password is calculated based on several parameters: length, type of characters used (letters, digits, uppercase, lowercase, special characters). A score below 100 is considered low, from 100 to 500, the complexity is average; beyond 500, the security is excellent.'; 41 $lang['PP_passwadmTitle_d'] = 'An administrator can create a user account with or without application of the rule of computing complexity.<br ><br>41 $lang['PP_passwadmTitle_d'] = 'An administrator can create a user account with or without application of the rule of computing complexity.<br/><br/> 42 42 Note: If the user account created wants to change password and strengthening passwords for users is active, it will be subject to the rule set.'; 43 $lang['PP_PwdResetTitle_d'] = 'Enabling this option will add a new feature in the Piwigo\'s user management panel (Users> Manage) that can apply to renew the password for selected users. 
In addition, a new column is added to show the status of passwords for each of them with the following values:<br >44 - Password to be renewed: A password renewal request has been planned.<br >45 - Password renewed: The password has been renewed after a request.<br >46 - Original Password: The original password chosen at account creation and has never been required for a renewal.<br >47 Webmaster, generic and guest accounts are excluded from this function.<br>43 $lang['PP_PwdResetTitle_d'] = 'Enabling this option will add a new feature in the Piwigo\'s user management panel (Users> Manage) that can apply to renew the password for selected users. In addition, a new column is added to show the status of passwords for each of them with the following values:<br/><br/> 44 - Password to be renewed: A password renewal request has been planned.<br/> 45 - Password renewed: The password has been renewed after a request.<br/> 46 - Original Password: The original password chosen at account creation and has never been required for a renewal.<br/><br/> 47 <b style="color: red;">Webmaster, generic and guest accounts are excluded from this function.</b><br/><br/> 48 48 These users will be automatically redirected to their customization page at each of their connections until they changed their password and an explicit message will be displayed on this page.'; 49 $lang['PP_User_Account_Locked_Txt'] = 'Sorry, for security reason your access to the gallery has been locked due to too many failed login attempts. This may be due to a hacking attempt on your account. Please contact the site administrator to request the unlocking.'; 50 $lang['PP_LoginAttempts'] = 'Management of failed login attempts'; 51 $lang['PP_LoginAttempts_d'] = 'This option enables the recording of failed login attempts to the gallery due to incorrect password and automatically lock the concerned user account. 
It is designed to counter possible hacking attempts with the use of password dictionaries.<br/><br/> 52 <b style="color: red;">Webmaster, generic and guest accounts are excluded from this function.</b><br/><br/> 53 By enabling, you will be able to specify the maximum number of failed attempts allowed before locking and define a custom message to the user who has locked his account. This message is only displayed if the user succeeds in identification after locking.<br/><br/> 54 To unlock the accounts, go to the user management interface for your gallery. You\'ll find a new column indicating the status of accounts symbolized by a red symbol (for locked account) and green (for unlocked account). Select one or more accounts to unlock and use the unlock button designed for this purpose.'; 55 $lang['PP_Max number of failed attempts'] = 'Maximum number of failed attempts: '; 56 $lang['PP_Max number of failed attempts_d'] = 'The number 0 disables counting attempts.'; 57 $lang['PP_UserLocked_Custom_Txt'] = 'Customizing the information message to the locked user'; 58 $lang['PP_UserLocked_Custom_Txt_d'] = 'Here you can change the text of the message displayed to the user whose account has been locked. 
To use multiple languages, you can use the Extended description plugin\'s tags if it is active.'; 59 $lang['PP_LockedUsers'] = 'Locking state'; 60 $lang['PP_Unlock'] = 'Unlocking'; 61 $lang['PP_Unlock selected users'] = 'Unlock selected users'; 62 $lang['PP_Guest is not unlockable'] = 'Guest users can not be locked and can not be unlocked'; 63 $lang['PP_Default user is not unlockable'] = 'Default user can not be locked and can not be unlocked'; 64 $lang['PP_Webmaster is not unlockable'] = 'Webmaster users can not be locked and can not be unlocked'; 65 $lang['PP_You cannot unlock your account'] = 'You can not unlock your own account'; 66 $lang['PP_Generic is not unlockable'] = 'Generic users can not be locked and can not be unlocked'; 67 $lang['PP_Admins is not unlockable'] = 'Admin users can not be locked and can not be unlocked'; 68 $lang['PP_User Not Locked'] = 'User not locked'; 69 $lang['PP_User Locked'] = 'User locked'; 70 $lang['PP_You need to confirm unlock'] = 'You must confirm unlocking (check box)!'; 49 71 ?> -
extensions/Password_Policy/language/fr_FR/plugin.lang.php
r25051 r25089 6 6 $lang['PP_Disable'] = ' Désactiver (valeur par défaut)'; 7 7 $lang['PP_Enable'] = ' Activer '; 8 $lang['PP_Support_txt'] = 'Le support officiel sur ce plugin se fait exclusivement sur ce fil du forum FR de Piwigo:<br >8 $lang['PP_Support_txt'] = 'Le support officiel sur ce plugin se fait exclusivement sur ce fil du forum FR de Piwigo:<br/> 9 9 <a href="http://fr.piwigo.org/forum/viewtopic.php?id=" onclick="window.open(this.href);return false;">Forum français - http://fr.piwigo.org/forum/viewtopic.php?id=</a>'; 10 10 $lang['PP_PasswordTest'] = 'Calcul du score'; 11 11 $lang['PP_ScoreTest'] = 'Résultat: '; 12 12 $lang['PP_Error_Password_Mandatory'] = 'Sécurité : Le mot de passe est obligatoire !'; 13 $lang['PP_Error_Password_Need_Enforcement_%s'] = 'Sécurité : Un système de contrôle calcule un score de complexité sur les mots de passe choisis. La complexité de votre mot de passe est trop faible (score = %s). Veuillez choisir un nouveau mot de passe plus sûr en respectant les règles suivantes :<br >14 - Utiliser des lettres et des chiffres<br >15 - Utiliser des minuscules et des majuscules<br >16 - Augmenter sa longueur (nombre de caractères)<br >13 $lang['PP_Error_Password_Need_Enforcement_%s'] = 'Sécurité : Un système de contrôle calcule un score de complexité sur les mots de passe choisis. La complexité de votre mot de passe est trop faible (score = %s). 
Veuillez choisir un nouveau mot de passe plus sûr en respectant les règles suivantes :<br/> 14 - Utiliser des lettres et des chiffres<br/> 15 - Utiliser des minuscules et des majuscules<br/> 16 - Augmenter sa longueur (nombre de caractères)<br/> 17 17 Le score minimal des mots de passe imposé par l\'administrateur est de : '; 18 18 $lang['PP_Password_Enforced'] = 'Renforcement de la sécurité des mots de passe'; … … 36 36 $lang['PP_passwtestTitle'] = 'Tester la complexité d\'un mot de passe'; 37 37 $lang['PP_passwtestTitle_d'] = 'Saisir le mot de passe à tester puis cliquer sur le bouton "Calcul du score" pour afficher le résultat.'; 38 $lang['PP_passwTitle_d'] = 'L\'activation de cette option rend obligatoire la saisie d\'un mot de passe à l\'inscription, et oblige le mot de passe choisi par le visiteur à répondre à un niveau minimum de complexité. Si ce seuil n\'est pas atteint, le score réalisé et le score minimum à atteindre sont affichés, ainsi que des recommandations pour augmenter la valeur de ce score.<br ><br>39 Un champ de test permet de mesurer la complexité d\'un mot de passe, et peut permettre de se faire une idée du score à définir pour une complexité personnalisée.<br ><br>38 $lang['PP_passwTitle_d'] = 'L\'activation de cette option rend obligatoire la saisie d\'un mot de passe à l\'inscription, et oblige le mot de passe choisi par le visiteur à répondre à un niveau minimum de complexité. Si ce seuil n\'est pas atteint, le score réalisé et le score minimum à atteindre sont affichés, ainsi que des recommandations pour augmenter la valeur de ce score.<br/><br/> 39 Un champ de test permet de mesurer la complexité d\'un mot de passe, et peut permettre de se faire une idée du score à définir pour une complexité personnalisée.<br/><br/> 40 40 NB: Le score d\'un mot de passe est calculé en fonction de plusieurs paramètres : longueur, types de caractères utilisés (lettres, chiffres, majuscules, minuscules, caractères spéciaux). 
Un score inférieur à 100 est considéré comme faible; de 100 à 500, la complexité est dans la moyenne; au-delà de 500, la sécurité est excellente.'; 41 $lang['PP_passwadmTitle_d'] = 'Un administrateur peut créer un compte d\'utilisateur avec ou sans application de la règle de calcul de complexité.<br ><br>41 $lang['PP_passwadmTitle_d'] = 'Un administrateur peut créer un compte d\'utilisateur avec ou sans application de la règle de calcul de complexité.<br/><br/> 42 42 A noter : Si l\'utilisateur du compte ainsi créé désire changer de mot de passe et que le renforcement des mots de passe pour les utilisateurs est actif, il sera soumis à la règle configurée.'; 43 $lang['PP_PwdResetTitle_d'] = 'L\'activation de cette option ajoutera une nouvelle fonction dans le panneau de gestion de utilisateurs (Utilisateurs > Gérer) de Piwigo qui permet de demander le renouvellement du mot de passe pour les utilisateurs sélectionnés. De plus, une nouvelle colonne s\'ajoutera pour présenter le statut des mots de passe pour chacun d\'eux avec les valeurs suivantes :<br >44 - Mot de passe à changer : Une demande de changement de mot de passe a été programmée.<br >45 - Mot de passe modifié : Le mot de passe a été changé suite à une demande.<br >46 - Mot de passe original : Le mot de passe est celui choisi à la création du compte et n\'a jamais fait l\'objet d\'une demande de changement.<br >47 Le compte webmaster, génériques et invités (Guest) sont exclus de cette fonction.<br><br>43 $lang['PP_PwdResetTitle_d'] = 'L\'activation de cette option ajoutera une nouvelle fonction dans le panneau de gestion de utilisateurs (Utilisateurs > Gérer) de Piwigo qui permet de demander le renouvellement du mot de passe pour les utilisateurs sélectionnés. 
De plus, une nouvelle colonne s\'ajoutera pour présenter le statut des mots de passe pour chacun d\'eux avec les valeurs suivantes :<br/><br/> 44 - Mot de passe à changer : Une demande de changement de mot de passe a été programmée.<br/> 45 - Mot de passe modifié : Le mot de passe a été changé suite à une demande.<br/> 46 - Mot de passe original : Le mot de passe est celui choisi à la création du compte et n\'a jamais fait l\'objet d\'une demande de changement.<br/><br/> 47 <b style="color: red;">Le compte webmaster, génériques et invités (Guest) sont exclus de cette fonction.</b><br/><br/> 48 48 Ces utilisateurs seront alors systématiquement redirigés vers leur page de personnalisation à chacune de leurs connexions tant qu\'ils n\'auront pas modifié leur mot de passe. Un message explicite sera affiché sur cette page.'; 49 $lang['PP_User_Account_Locked_Txt'] = 'Désolé, pour des raisons de sécurité votre accès à la galerie a été verrouillé en raison d\'un trop grand nombre de tentatives de connexion infructueuses. Ceci peut être dû à une tentative de piratage de votre compte. Veuillez contacter l\'administrateur du site pour en demander le déverrouillage.'; 50 $lang['PP_LoginAttempts'] = 'Gestion des tentatives de connexion echouées'; 51 $lang['PP_LoginAttempts_d'] = 'Cette option permet de comptabiliser les tentatives échouées de connexion à la galerie pour cause de mot de passe erroné et de verrouiller automatiquement le compte d\'utilisateur concerné. Elle est prévue pour contrer d\'éventuelles tentatives de piratage par usage de dictionnaires de mots de passe.<br/><br/> 52 <b style="color: red;">Le compte webmaster, génériques et invités (Guest) sont exclus de cette fonction.</b><br/><br/> 53 En l\'activant, vous aurez la possibilité de préciser le nombre maximum de tentatives autorisées avant verrouillage et de définir un message personnalisé d\'information à l\'utilisateur qui aura son compte verrouillé. 
Ce message n\'est affiché que si l\'utilisateur en question arrive à s\'identifier correctement après le verrouillage.<br/><br/> 54 Pour déverrouiller les comptes, rendez-vous dans l\'interface de gestion des utilisateurs de votre galerie. Vous y trouverez une nouvelle colonne indiquant l\'état des comptes symbolisé par un pictogramme rouge (pour compte verrouillé) et vert (pour compte non verrouillé). Sélectionnez le ou les compte(s) à déverrouiller et utiliser le bouton de déverrouillage prévu à cet effet.'; 55 $lang['PP_Max number of failed attempts'] = 'Nombre maximum de tentatives : '; 56 $lang['PP_Max number of failed attempts_d'] = 'Le chiffre 0 désactive le comptage des tentatives.'; 57 $lang['PP_UserLocked_Custom_Txt'] = 'Personnalisation du message d\'information à l\'utilisateur verrouillé'; 58 $lang['PP_UserLocked_Custom_Txt_d'] = 'Vous pouvez modifier ici le texte du message affiché à l\'utilisateur dont le compte est verrouillé. Pour une utilisation multi-langues, vous pouvez utiliser les balises [lang] du plugin Extended Description si celui-ci est actif.'; 59 $lang['PP_LockedUsers'] = 'Verrouillages'; 60 $lang['PP_Unlock'] = 'Déverrouillage'; 61 $lang['PP_Unlock selected users'] = 'Déverrouiller les utilisateurs sélectionnés'; 62 $lang['PP_Guest is not unlockable'] = 'Les utilisateurs invités ne sont pas verrouillables et ne peuvent pas être déverrouillés'; 63 $lang['PP_Default user is not unlockable'] = 'Les utilisateurs par défaut ne sont pas verrouillables et ne peuvent pas être déverrouillés'; 64 $lang['PP_Webmaster is not unlockable'] = 'Les utilisateurs webmaster ne sont pas verrouillables et ne peuvent pas être déverrouillés'; 65 $lang['PP_You cannot unlock your account'] = 'Vous ne pouvez pas déverrouiller votre propre compte'; 66 $lang['PP_Generic is not unlockable'] = 'Les utilisateurs génériques ne sont pas verrouillables et ne peuvent pas être déverrouillés'; 67 $lang['PP_Admins is not unlockable'] = 'Les utilisateurs administrateurs ne 
sont pas verrouillables et ne peuvent pas être déverrouillés'; 68 $lang['PP_User Not Locked'] = 'Utilisateur non verrouillé'; 69 $lang['PP_User Locked'] = 'Utilisateur verrouillé'; 70 $lang['PP_You need to confirm unlock'] = 'Vous devez confirmer le déverrouillage (case à cocher) !'; 49 71 ?> -
extensions/Password_Policy/main.inc.php
r25050 r25089 2 2 /* 3 3 Plugin Name: Password Policy 4 Version: 2.5.04 Version: auto 5 5 Description: Renforcer la sécurité des mots de passe - Enforce password security 6 6 Plugin URI: http://piwigo.org/ext/extension_view.php?eid= … … 19 19 20 20 load_language('plugin.lang', PP_PATH); 21 21 22 $conf_PP = unserialize($conf['PasswordPolicy']); 22 23 … … 29 30 // --------------------------------------- 30 31 add_event_handler('loc_begin_index', 'PP_Init'); 32 33 // Display messages on index page 34 // ------------------------------ 35 add_event_handler('init', 'PP_InitPage'); 31 36 32 37 // Check users registration … … 41 46 // Redirection to profile page 42 47 // --------------------------- 43 add_event_handler('login_success', 'PP_LoginTasks',EVENT_HANDLER_PRIORITY_NEUTRAL, 1); 48 add_event_handler('login_success', 'PP_LoginTasks',EVENT_HANDLER_PRIORITY_NEUTRAL+10, 1); 49 50 // Security option : Count of login failure and lock account after x attempt 51 // ------------------------------------------------------------------------- 52 add_event_handler('login_failure', 'PP_log_fail'); 44 53 45 54 // Add new feature in user_list - Password Reset … … 49 58 // Add new column on user_list 50 59 // --------------------------- 51 add_event_handler('loc_visible_user_list', 'PP_ loc_visible_user_list');60 add_event_handler('loc_visible_user_list', 'PP_user_list_pwdreset'); 52 61 53 62 // Add prefilter on user_list … … 66 75 $page['infos'] = array(); 67 76 $page['filtered_users'] = array(); 77 78 load_language('plugin.lang', PP_PATH); 68 79 69 80 if (isset($_POST['pwdreset'])) … … 230 241 231 242 232 // Security option : Count of login failure and lock account after x attempt 233 // ------------------------------------------------------------------------- 234 add_event_handler('login_failure', 'PP_log_fail'); 243 // Add new feature in user_list - Show locked accounts and give unlock function 244 // ---------------------------------------------------------------------------- 
245 if (isset($conf_PP['LOGFAILBLOCK']) and $conf_PP['LOGFAILBLOCK']=='true') 246 { 247 // Add new column on user_list 248 // --------------------------- 249 add_event_handler('loc_visible_user_list', 'PP_user_list_locked'); 250 251 // Add prefilter on user_list 252 // -------------------------- 253 add_event_handler('loc_begin_admin', 'PP_Unlock_Action',60); 254 255 /** 256 * PP_Unlock_Action - Triggered on PP_Unlock_Action 257 * Handle unlocking action in user_list.php 258 */ 259 function PP_Unlock_Action() 260 { 261 global $conf, $user, $template, $lang, $errors; 262 263 $page['errors'] = array(); 264 $page['infos'] = array(); 265 $page['filtered_users'] = array(); 266 267 load_language('plugin.lang', PP_PATH); 268 269 if (isset($_POST['unlock'])) 270 { 271 $collection = array(); 272 273 switch ($_POST['target']) 274 { 275 case 'all' : 276 { 277 foreach($page['filtered_users'] as $local_user) 278 { 279 array_push($collection, $local_user['id']); 280 } 281 break; 282 } 283 case 'selection' : 284 { 285 if (isset($_POST['selection'])) 286 { 287 $collection = $_POST['selection']; 288 } 289 break; 290 } 291 } 292 293 if (count($collection) == 0) 294 { 295 array_push($page['errors'], l10n('Select at least one user')); 296 } 297 } 298 299 if (isset($_POST['unlock']) and count($collection) > 0) 300 { 301 if (in_array($conf['guest_id'], $collection)) 302 { 303 array_push($page['errors'], l10n('PP_Guest is not unlockable')); 304 $template->append('errors', l10n('PP_Guest is not unlockable')); 305 } 306 if (($conf['guest_id'] != $conf['default_user_id']) and 307 in_array($conf['default_user_id'], $collection)) 308 { 309 array_push($page['errors'], l10n('PP_Default user is not unlockable')); 310 $template->append('errors', l10n('PP_Default user is not unlockable')); 311 } 312 if (in_array($conf['webmaster_id'], $collection)) 313 { 314 array_push($page['errors'], l10n('PP_Webmaster is not unlockable')); 315 $template->append('errors', l10n('PP_Webmaster is not unlockable')); 
316 } 317 if (in_array($user['id'], $collection)) 318 { 319 array_push($page['errors'], l10n('PP_You cannot unlock your account')); 320 $template->append('errors', l10n('PP_You cannot unlock your account')); 321 } 322 323 // Generic accounts exclusion (including Adult_Content generic users) 324 // ------------------------------------------------------------------ 325 $query =' 326 SELECT u.id 327 FROM '.USERS_TABLE.' AS u 328 INNER JOIN '.USER_INFOS_TABLE.' AS ui 329 ON u.id = ui.user_id 330 WHERE ui.status = "generic" 331 ;'; 332 333 $result = pwg_query($query); 334 335 while ($row = pwg_db_fetch_assoc($result)) 336 { 337 if (in_array($row['id'], $collection)) 338 { 339 array_push($page['errors'], l10n('PP_Generic is not unlockable')); 340 $errors = l10n('PP_Generic is not unlockable'); 341 } 342 } 343 344 // Admins accounts exclusion 345 // -------------------------- 346 $query =' 347 SELECT u.id 348 FROM '.USERS_TABLE.' AS u 349 INNER JOIN '.USER_INFOS_TABLE.' AS ui 350 ON u.id = ui.user_id 351 WHERE ui.status = "admin" 352 ;'; 353 354 $result = pwg_query($query); 355 356 while ($row = pwg_db_fetch_assoc($result)) 357 { 358 if (in_array($row['id'], $collection)) 359 { 360 array_push($page['errors'], l10n('PP_Admins is not unlockable')); 361 $errors = l10n('PP_Admins is not unlockable'); 362 } 363 } 364 365 $template->append('errors', $errors); 366 367 if (count($page['errors']) == 0) 368 { 369 if (isset($_POST['confirm_unlock']) and 1 == $_POST['confirm_unlock']) 370 { 371 foreach ($collection as $user_id) 372 { 373 PP_unlock_user($user_id); 374 } 375 array_push( 376 $page['infos'], 377 l10n_dec( 378 'PP %d user unlocked', 'PP %d users unlocked', 379 count($collection) 380 ) 381 ); 382 $template->append('infos', l10n_dec( 383 'PP %d user unlocked', 'PP %d users unlocked', 384 count($collection))); 385 foreach ($page['filtered_users'] as $filter_key => $filter_user) 386 { 387 if (in_array($filter_user['id'], $collection)) 388 { 389 
unset($page['filtered_users'][$filter_key]); 390 } 391 } 392 } 393 else 394 { 395 array_push($page['errors'], l10n('PP_You need to confirm unlock')); 396 $template->append('errors', l10n('PP_You need to confirm unlock')); 397 } 398 } 399 } 400 $template->set_prefilter('user_list', 'PP_Unlocking_Prefilter'); 401 } 402 403 /** 404 * PP_Unlocking_Prefilter 405 * Adds action field for user unlocking in user_list.tpl 406 */ 407 function PP_Unlocking_Prefilter($content, &$smarty) 408 { 409 $search = ' 410 <fieldset> 411 <legend>{\'Deletions\'|@translate}</legend> 412 <label><input type="checkbox" name="confirm_deletion" value="1"> {\'confirm\'|@translate}</label> 413 <input class="submit" type="submit" value="{\'Delete selected users\'|@translate}" name="delete"> 414 </fieldset> 415 '; 416 417 $addon = ' 418 <fieldset> 419 <legend>{\'PP_Unlock\'|@translate}</legend> 420 <label><input type="checkbox" name="confirm_unlock" value="1"> {\'confirm\'|@translate}</label> 421 <input class="submit" type="submit" value="{\'PP_Unlock selected users\'|@translate}" name="unlock"> 422 </fieldset> 423 '; 424 425 $replacement = $addon.$search; 426 427 return str_replace($search, $replacement, $content); 428 } 429 } 235 430 ?> -
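Review bot: In PP_Unlock_Action, the `selection` case copies `$_POST['selection']` straight into `$collection`, and every element is later handed to `PP_unlock_user()` with no type check; that helper is outside this section, so if it places the id in a query, this is where untrusted input gets in. Normalise it at the boundary, for example `$collection = array_map('intval', (array) $_POST['selection']);`. The handler is registered on `loc_begin_admin` and acts on `$_POST['unlock']` with no request-token check visible in the function, so the state-changing unlock is not protected against a forged cross-site POST. Calling Piwigo's `check_pwg_token()` at the top of the `isset($_POST['unlock'])` branch would cover it, provided the user_list form carries the token. Separately, `$page` is missing from the `global` list, so `$page['filtered_users']` is always the empty local array and the `all` target never selects anyone.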
extensions/Password_Policy/maintain.inc.php
r25028 r25089 32 32 'ADMINPASSWENF' => 'false', 33 33 'PWDRESET' => 'false', 34 'LOGFAILBLOCK' => 'false', 34 35 'NBLOGFAIL' => '0', 35 'LOGFAILBLOCK' => 'false', 36 'USRLOCKED' => l10n('PP_User_Account_Locked_Txt') 36 'USRLOCKEDTXT' => l10n('PP_User_Account_Locked_Txt') 37 37 ); 38 38 … … 95 95 $q = ' 96 96 ALTER TABLE '.USERS_TABLE.' 97 ADD PP_loginfailcount INT N ULL DEFAULT NULL97 ADD PP_loginfailcount INT NOT NULL DEFAULT "0" 98 98 ;'; 99 99 pwg_query($q);
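Review bot: The new column definition `ADD PP_loginfailcount INT NOT NULL DEFAULT "0"` wraps an integer default in double quotes, which MySQL reads as an identifier when the ANSI_QUOTES SQL mode is enabled; `ADD PP_loginfailcount INT NOT NULL DEFAULT 0` works in either mode. The first hunk also renames the default key `USRLOCKED` to `USRLOCKEDTXT`, and the admin page now saves under the new name. The upgrade path is not visible here (both enclosing functions start outside the hunks), so it is worth confirming that installs which already stored `USRLOCKED`, or already have a nullable `PP_loginfailcount` column, are migrated rather than only fresh installs.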