Changeset 25092 for extensions/UserAdvManager/trunk/include
- Timestamp:
- Oct 23, 2013, 6:02:26 PM (11 years ago)
- Location:
- extensions/UserAdvManager/trunk/include
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/UserAdvManager/trunk/include/functions.inc.php
r25062 r25092 223 223 load_language('plugin.lang', UAM_PATH); 224 224 225 $PasswordCheck = 0;226 227 225 $conf_UAM = unserialize($conf['UserAdvManager']); 228 229 // Password enforcement control230 // ----------------------------231 if (isset($conf_UAM['PASSWORDENF']) and $conf_UAM['PASSWORDENF'] == 'true' and !empty($conf_UAM['PASSWORD_SCORE']))232 {233 if (!empty($user['password']) and !is_admin())234 {235 $PasswordCheck = testpassword($user['password']);236 237 if ($PasswordCheck < $conf_UAM['PASSWORD_SCORE'])238 {239 $message = get_l10n_args('UAM_reg_err_login4_%s', $PasswordCheck);240 $lang['reg_err_pass'] = l10n_args($message).$conf_UAM['PASSWORD_SCORE'];241 array_push($errors, $lang['reg_err_pass']);242 }243 }244 else if (!empty($user['password']) and is_admin() and isset($conf_UAM['ADMINPASSWENF']) and $conf_UAM['ADMINPASSWENF'] == 'true')245 {246 $PasswordCheck = testpassword($user['password']);247 248 if ($PasswordCheck < $conf_UAM['PASSWORD_SCORE'])249 {250 $message = get_l10n_args('UAM_reg_err_login4_%s', $PasswordCheck);251 $lang['reg_err_pass'] = l10n_args($message).$conf_UAM['PASSWORD_SCORE'];252 array_push($errors, $lang['reg_err_pass']);253 }254 }255 }256 226 257 227 // Username without forbidden keys … … 302 272 } 303 273 304 // Special message display for password reset305 // ------------------------------------------306 if ((isset($conf_UAM['PWDRESET']) and $conf_UAM['PWDRESET'] == 'true'))307 {308 if (UAM_check_pwgreset($user['id']))309 {310 $template->append('errors', l10n('UAM_Password_Reset_Msg'));311 }312 }313 314 274 // Controls on profile page submission 315 275 // ----------------------------------- … … 327 287 } 328 288 329 // Password reset control330 // ----------------------331 if (isset($conf_UAM['PWDRESET']) and $conf_UAM['PWDRESET'] == 'true' and UAM_check_pwgreset($user['id']))332 {333 // if password not changed then pwdreset field = true else pwdreset field = false334 // ------------------------------------------------------------------------------335 if (!empty($_POST['use_new_pwd']))336 {337 $query = '338 UPDATE '.USERS_TABLE.'339 SET UAM_pwdreset = "false"340 WHERE id = '.$user['id'].'341 LIMIT 1342 ;';343 pwg_query($query);344 }345 }346 347 289 $typemail = 3; // Only information email send to user on user profile update if checked 348 290 … … 350 292 { 351 293 $typemail = 2; // Confirmation email on user profile update - With information email 352 353 // Password enforcement control354 // ----------------------------355 if (isset($conf_UAM['PASSWORDENF']) and $conf_UAM['PASSWORDENF'] == 'true' and !empty($conf_UAM['PASSWORD_SCORE']))356 {357 $PasswordCheck = testpassword($_POST['use_new_pwd']);358 359 if ($PasswordCheck < $conf_UAM['PASSWORD_SCORE'])360 {361 $message = get_l10n_args('UAM_reg_err_login4_%s', $PasswordCheck);362 $template->append('errors', l10n_args($message).$conf_UAM['PASSWORD_SCORE']);363 unset($_POST['use_new_pwd']);364 unset($_POST['validate']);365 }366 }367 294 } 368 295 … … 453 380 or (!is_admin() and !is_webmaster())) 454 381 { 382 455 383 // Performing redirection to profile page on first login 456 384 // ----------------------------------------------------- … … 469 397 if (!UAM_check_profile($user['id'], $user_idsOK)) 470 398 redirect(PHPWG_ROOT_PATH.'profile.php'); 471 }472 }473 474 // Performing redirection to profile page for password reset475 // ---------------------------------------------------------476 if ((isset($conf_UAM['PWDRESET']) and $conf_UAM['PWDRESET'] == 'true'))477 {478 $query ='479 SELECT user_id, status480 FROM '.USER_INFOS_TABLE.'481 WHERE user_id = '.$user['id'].'482 ;';483 $data = pwg_db_fetch_assoc(pwg_query($query));484 485 if ($data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts486 {487 if (UAM_check_pwgreset($user['id']))488 {489 redirect(PHPWG_ROOT_PATH.'profile.php');490 }491 399 } 492 400 } … … 1062 970 if (function_exists('get_user_language_desc')) 1063 971 { 1064 $custom_text = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM_ConfirmMail['CONFIRMMAIL_CUSTOM_TXT1'])); 972 $login_link = '<a href="'.get_gallery_home_url().'" style="font-weight: bold;text-align: center;color: #FF0000;text-transform: uppercase;">'.l10n('UAM_Follow this link to access the gallery').'</a>'; 973 $custom_text = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM_ConfirmMail['CONFIRMMAIL_CUSTOM_TXT1']))."<br/><br/>".$login_link; 1065 974 } 1066 975 else … … 1070 979 $page['infos'][]=$custom_text; 1071 980 } 1072 } 981 } 1073 982 else 1074 983 { … … 2140 2049 { 2141 2050 $query = ' 2142 INSERT INTO '.USER_INFOS_TABLE.' 2143 (user_id, level) 2144 VALUES 2145 ('.$user_id.', "'.$conf_UAM['NO_VALID_LEVEL'].'") 2051 UPDATE '.USER_INFOS_TABLE.' 2052 SET level = "'.$conf_UAM['NO_VALID_LEVEL'].'" 2053 WHERE user_id = '.$user_id.' 2146 2054 ;'; 2147 2055 2148 2056 pwg_query($query); 2057 2058 // $query = ' 2059 //INSERT INTO '.USER_INFOS_TABLE.' 2060 // (user_id, level) 2061 //VALUES 2062 // ('.$user_id.', "'.$conf_UAM['NO_VALID_LEVEL'].'") 2063 //;'; 2064 // 2065 // pwg_query($query); 2149 2066 } 2150 2067 } … … 3016 2933 3017 2934 /** 3018 * Returns a password's score for password complexity check3019 *3020 * @param : password filled by user3021 *3022 * @return : Score calculation3023 *3024 * Thanx to MathieuGut from http://m-gut.developpez.com3025 */3026 function testpassword($password) // $password given by user3027 {3028 3029 // Variables initiation3030 // --------------------3031 $points = 0;3032 $point_lowercase = 0;3033 $point_uppercase = 0;3034 $point_numbers = 0;3035 $point_characters = 0;3036 3037 // Getting password lengh3038 // ----------------------3039 $length = strlen($password);3040 3041 // Loop to read password characters3042 for($i = 0; $i < $length; $i++)3043 {3044 // Select each letters3045 // $i is 0 at first turn3046 // ---------------------3047 $letters = $password[$i];3048 3049 if ($letters>='a' && $letters<='z')3050 {3051 // Adding 1 point to score for a lowercase3052 // ---------------------------------------3053 $points = $points + 1;3054 3055 // Adding bonus points for lowercase3056 // ---------------------------------3057 $point_lowercase = 1;3058 }3059 else if ($letters>='A' && $letters <='Z')3060 {3061 // Adding 2 points to score for uppercase3062 // --------------------------------------3063 $points = $points + 2;3064 3065 // Adding bonus points for uppercase3066 // ---------------------------------3067 $point_uppercase = 2;3068 }3069 else if ($letters>='0' && $letters<='9')3070 {3071 // Adding 3 points to score for numbers3072 // ------------------------------------3073 $points = $points + 3;3074 3075 // Adding bonus points for numbers3076 // -------------------------------3077 $point_numbers = 3;3078 }3079 else3080 {3081 // Adding 5 points to score for special characters3082 // -----------------------------------------------3083 $points = $points + 5;3084 3085 // Adding bonus points for special characters3086 // ------------------------------------------3087 $point_characters = 5;3088 }3089 }3090 3091 // Calculating the coefficient points/length3092 // -----------------------------------------3093 $step1 = $points / $length;3094 3095 // Calculation of the diversity of character types...3096 // --------------------------------------------------3097 $step2 = $point_lowercase + $point_uppercase + $point_numbers + $point_characters;3098 3099 // Multiplying the coefficient of diversity with that of the length3100 // ----------------------------------------------------------------3101 $score = $step1 * $step2;3102 3103 // Multiplying the result by the length of the string3104 // --------------------------------------------------3105 $finalscore = $score * $length;3106 3107 return $finalscore;3108 }3109 3110 3111 /**3112 2935 * UAM_check_profile - Thx to LucMorizur 3113 2936 * checks if a user id is registered as having already … … 3140 2963 } 3141 2964 return $v; 3142 }3143 3144 3145 /**3146 * UAM_check_pwdreset3147 * checks if a user id is registered as having already3148 * changed his password.3149 *3150 * @uid : the user id3151 *3152 * @returns : true or false whether the users has already changed his password3153 *3154 */3155 function UAM_check_pwgreset($uid)3156 {3157 $query = '3158 SELECT UAM_pwdreset3159 FROM '.USERS_TABLE.'3160 WHERE id='.$uid.'3161 ;';3162 3163 $result = pwg_db_fetch_assoc(pwg_query($query));3164 3165 if($result['UAM_pwdreset'] == 'true')3166 {3167 return true;3168 }3169 else return false;3170 2965 } 3171 2966 … … 3230 3025 3231 3026 pwg_query($query); 3232 }3233 3234 3235 /**3236 * UAM_Set_PwdReset3237 * Action in user_list to set a password reset for a user3238 */3239 function UAM_Set_PwdReset($uid)3240 {3241 $query ='3242 UPDATE '.USERS_TABLE.'3243 SET UAM_pwdreset = "true"3244 WHERE id = '.$uid.'3245 LIMIT 13246 ;';3247 3248 pwg_query($query);3249 }3250 3251 3252 /**3253 * UAM_loc_visible_user_list3254 * Adds a new feature in user_list to allow password reset for selected users by admin3255 *3256 */3257 function UAM_loc_visible_user_list($visible_user_list)3258 {3259 global $template;3260 3261 $template->append('plugin_user_list_column_titles', l10n('UAM_PwdReset'));3262 3263 $user_ids = array();3264 3265 foreach ($visible_user_list as $i => $user)3266 {3267 $user_ids[$i] = $user['id'];3268 }3269 3270 $user_nums = array_flip($user_ids);3271 3272 // Query to get information in database3273 // ------------------------------------3274 if (!empty($user_ids))3275 {3276 $query = '3277 SELECT DISTINCT id, UAM_pwdreset3278 FROM '.USERS_TABLE.'3279 WHERE id IN ('.implode(',', $user_ids).')3280 ;';3281 $result = pwg_query($query);3282 3283 while ($row = pwg_db_fetch_assoc($result))3284 {3285 if ($row['UAM_pwdreset'] == 'false')3286 {3287 $pwdreset = l10n('UAM_PwdReset_Done');3288 }3289 else if ($row['UAM_pwdreset'] == 'true')3290 {3291 $pwdreset = l10n('UAM_PwdReset_Todo');3292 }3293 else $pwdreset = l10n('UAM_PwdReset_NA');3294 3295 $visible_user_list[$user_nums[$row['id']]]['plugin_columns'][] = $pwdreset; // Shows users password state in user_list3296 }3297 }3298 return $visible_user_list;3299 3027 } 3300 3028 -
extensions/UserAdvManager/trunk/include/upgradedb.inc.php
r24212 r25092 834 834 conf_update_param('UserAdvManager', pwg_db_real_escape_string($update_conf)); 835 835 } 836 837 838 /* upgrade from 2.50.x to 2.51.0 */ 839 /* ***************************** */ 840 function upgrade_2500_2510() 841 { 842 global $conf; 843 844 load_language('plugin.lang', UAM_PATH); 845 846 // Upgrade $conf_UAM options 847 $conf_UAM = unserialize($conf['UserAdvManager']); 848 849 unset ($conf_UAM['PASSWORDENF']); 850 unset ($conf_UAM['PASSWORD_SCORE']); 851 unset ($conf_UAM['ADMINPASSWENF']); 852 unset ($conf_UAM['PWDRESET']); 853 854 $update_conf = serialize($conf_UAM); 855 856 conf_update_param('UserAdvManager', pwg_db_real_escape_string($update_conf)); 857 858 // Cleanup obsolete database modification 859 $q = ' 860 ALTER TABLE '.USERS_TABLE.' 861 DROP UAM_pwdreset 862 ;'; 863 pwg_query($q); 864 } 836 865 ?>
Note: See TracChangeset
for help on using the changeset viewer.