packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/index.php
author Dan Fuhry <dan@fuhry.us>
Sat, 16 Feb 2013 20:47:45 -0500
changeset 7 faf6f7941e8f
parent 4 2212b2ded8bf
permissions -rw-r--r--
Enhancements to User CP - handle attribute deletion/mod more gracefully
<?php
require('includes/starthere.php');
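// User CP form handler: dispatches on $_POST['action'] for the user that the
// web server authenticated ($_SERVER['REMOTE_USER']), then renders the page.
// $_ldapconn and $ldap_manager are not defined in this file; presumably they
// come from includes/starthere.php.
// NOTE(review): no anti-CSRF token check is visible in this file. Both actions
// change account state (password, mail, SSH keys), so confirm that the include
// or the templates enforce one.
if ( isset($_POST['action']) )
{
	switch($_POST['action'])
	{
	case 'change-password':
		try
		{
			// Only accept plain strings. PHP turns "field[]=x" into an array, and a
			// missing field is treated the same as an empty one.
			$old_password = ( isset($_POST['old_password']) && is_string($_POST['old_password']) ) ? $_POST['old_password'] : '';
			$password = ( isset($_POST['password']) && is_string($_POST['password']) ) ? $_POST['password'] : '';
			$password_confirm = ( isset($_POST['password_confirm']) && is_string($_POST['password_confirm']) ) ? $_POST['password_confirm'] : '';
			
			// An empty old password must never reach ldap_bind(): a bind with a DN
			// and an empty password is an "unauthenticated bind" (RFC 4513, 5.1.2),
			// which some directory servers accept and report as success. That would
			// turn the check below into a no-op.
			if ( $old_password === '' )
				throw new Exception("Your old password was incorrect.");
			
			// verify old password by binding as the user; @ hides the warning that
			// a rejected bind emits
			$result = @ldap_bind($_ldapconn, ldap_make_user_dn($_SERVER['REMOTE_USER']), $old_password);
			if ( !$result )
				throw new Exception("Your old password was incorrect.");
			
			// test_password() returns true, or a sentence fragment describing the problem
			if ( ($result = test_password($password)) !== true )
				throw new Exception("Your new password $result.");
			
			if ( $password !== $password_confirm )
				throw new Exception("The passwords you entered did not match.");
			
			if ( !reset_password($_SERVER['REMOTE_USER'], $password) )
				throw new Exception("Internal error when performing password reset.");
			
			queue_message(E_NOTICE, "Your password has been changed.");
		}
		catch ( Exception $e )
		{
			queue_message(E_ERROR, $e->getMessage());
		}
		
		// rebind to LDAP as manager, since we did a bind to verify the old password.
		// This runs on both the success and the failure path.
		ldap_bind($_ldapconn, $ldap_manager['dn'], $ldap_manager['password']);
		break;
	case 'profile-update':
		$ui = ldap_get_user($_SERVER['REMOTE_USER']);
		$user_dn = ldap_make_user_dn($_SERVER['REMOTE_USER']);
		// LDAP errors from every field, so a failure on 'mail' is not hidden by a
		// later success on 'sshPublicKey'
		$errors = array();
		
		foreach ( array('mail', 'sshPublicKey') as $field )
		{
			// Normalise the submitted value(s) to a list of distinct, non-empty
			// strings indexed 0..n-1. array_unique() alone preserves keys, so a
			// dropped duplicate would leave a gap, and the ldap_mod_* functions
			// expect consecutively indexed value arrays. Nested arrays and empty
			// entries are discarded.
			// NOTE(review): values are written to the directory as submitted; no
			// format check for mail or sshPublicKey is visible in this file. Confirm
			// validation happens elsewhere or add it here, since whatever consumes
			// sshPublicKey will treat it as this user's key material.
			$submitted = isset($_POST[$field]) ? $_POST[$field] : array();
			if ( !is_array($submitted) )
				$submitted = array($submitted);
			
			$values = array();
			foreach ( $submitted as $value )
			{
				if ( is_string($value) && $value !== '' && !in_array($value, $values, true) )
					$values[] = $value;
			}
			
			$stored = !empty($ui[$field]);
			
			if ( empty($values) && !$stored )
			{
				// both empty, do nothing
				continue;
			}
			else if ( empty($values) )
			{
				// POST empty, database not. Delete attr.
				$result = ldap_mod_del($_ldapconn, $user_dn, array(
						$field => array()
					));
			}
			else if ( !$stored )
			{
				// POST filled, database empty. Add attr.
				$result = ldap_mod_add($_ldapconn, $user_dn, array(
						$field => $values
					));
			}
			else
			{
				// POST and database filled. Replace attr.
				$result = ldap_mod_replace($_ldapconn, $user_dn, array(
						$field => $values
					));
			}
			
			// Same tolerance as before: a false return only counts as a failure if
			// the connection also reports something other than 'Success'.
			if ( !$result && ($error = ldap_error($_ldapconn)) !== 'Success' )
				$errors[] = $error;
		}
		
		if ( empty($errors) )
		{
			queue_message(E_NOTICE, "Your information has been updated.");
			redirect('/');
		}
		else
		{
			foreach ( array_unique($errors) as $error )
			{
				queue_message(E_ERROR, $error);
			}
		}
		break;
	}
}

display_template('index');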