kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

password policy enforcment for alternc accounts password change

This commit is contained in:
Benjamin Sonntag 2010-02-01 22:13:31 +00:00
parent bc0e7cdfcc
commit 4a87e43bf8
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bureau/class/m_admin.php
View File

@ -826,7 +826,7 @@ EOF;
*/
function dom_list() {
global $db;
$db->query("SELECT m.uid,m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ORDER BY domaine;");
$db->query("SELECT m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ORDER BY domaine;");
while ($db->next_record()) {
$c[]=$db->Record;
}
@ -1131,7 +1131,7 @@ EOF;
$logins=explode("@",$login);
$logins[]=$login;
foreach($logins as $l) {
if (strpos($l,$password)!==false) {
if (strpos($password,$l)!==false) {
$err->raise("admin",17);
return false;
}

8
bureau/class/m_mem.php
View File

@ -290,7 +290,7 @@ class m_mem {
* @return boolean TRUE si le mot de passe a été changé, FALSE sinon.
*/
function passwd($oldpass,$newpass,$newpass2) {
global $db,$err,$cuid;
global $db,$err,$cuid,$admin;
$err->log("mem","passwd");
$oldpass=stripslashes($oldpass);
$newpass=stripslashes($newpass);
@ -311,6 +311,12 @@ class m_mem {
$err->raise("mem",8);
return false;
}
$db->query("SELECT login FROM membres WHERE uid='$cuid';");
$db->next_record();
$login=$db->Record["login"];
if (!$admin->checkPolicy("mem",$login,$newpass)) {
return false; // The error has been raised by checkPolicy()
}
$newpass=_md5cr($newpass);
$db->query("UPDATE membres SET pass='$newpass' WHERE uid='$cuid';");
$err->error=0;