kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

password policy enforcment for alternc accounts password change

This commit is contained in:
Benjamin Sonntag 2010-02-01 22:13:31 +00:00
parent bc0e7cdfcc
commit 4a87e43bf8
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bureau/class/m_admin.php
View File

@ -826,7 +826,7 @@ EOF;
*/ */
function dom_list() { function dom_list() {
global $db; global $db;
$db->query("SELECT m.uid,m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ORDER BY domaine;"); $db->query("SELECT m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ORDER BY domaine;");
while ($db->next_record()) { while ($db->next_record()) {
$c[]=$db->Record; $c[]=$db->Record;
} }
@ -1131,7 +1131,7 @@ EOF;
$logins=explode("@",$login); $logins=explode("@",$login);
$logins[]=$login; $logins[]=$login;
foreach($logins as $l) { foreach($logins as $l) {
if (strpos($l,$password)!==false) { if (strpos($password,$l)!==false) {
$err->raise("admin",17); $err->raise("admin",17);
return false; return false;
} }

8
bureau/class/m_mem.php
View File

@ -290,7 +290,7 @@ class m_mem {
* @return boolean TRUE si le mot de passe a été changé, FALSE sinon. * @return boolean TRUE si le mot de passe a été changé, FALSE sinon.
*/ */
function passwd($oldpass,$newpass,$newpass2) { function passwd($oldpass,$newpass,$newpass2) {
global $db,$err,$cuid; global $db,$err,$cuid,$admin;
$err->log("mem","passwd"); $err->log("mem","passwd");
$oldpass=stripslashes($oldpass); $oldpass=stripslashes($oldpass);
$newpass=stripslashes($newpass); $newpass=stripslashes($newpass);
@ -311,6 +311,12 @@ class m_mem {
$err->raise("mem",8); $err->raise("mem",8);
return false; return false;
} }
$db->query("SELECT login FROM membres WHERE uid='$cuid';");
$db->next_record();
$login=$db->Record["login"];
if (!$admin->checkPolicy("mem",$login,$newpass)) {
return false; // The error has been raised by checkPolicy()
}
$newpass=_md5cr($newpass); $newpass=_md5cr($newpass);
$db->query("UPDATE membres SET pass='$newpass' WHERE uid='$cuid';"); $db->query("UPDATE membres SET pass='$newpass' WHERE uid='$cuid';");
$err->error=0; $err->error=0;