fix bugs for ldap plugin
fixes issue #1
silentsakky committed Dec 19, 2013
1 parent d2dd91c commit 772f565
Showing 2 changed files with 28 additions and 10 deletions.
10 changes: 5 additions & 5 deletions README.md
Expand Up @@ -3,11 +3,11 @@ zarafa-webapp-passwd

The Passwd plugin allows the user to change his password inside of WebApp.

This plugin is largely based on the "Passwd" plugin by Andreas Brodowski.
This plugin is largely based on the Passwd plugin by Andreas Brodowski.
For his original work check this [link](https://community.zarafa.com/pg/plugins/project/157/developer/dw2412/passwd-plugin)

## How to install
1. If you want to use this plugin with production / debug version of webapp then please download package from [community](__link_to_come__)
1. If you want to use this plugin with production / debug version of webapp then please download package from [community](https://community.zarafa.com/pg/plugins/project/23147/developer/silentsakky/webapp-password-change)
2. If you want to use this plugin with source copy of webapp then you can just download this whole project
3. Extract contents of this plugin to <webapp_path>/plugins directory
4. Give read permissions to apache for <webapp_path>/plugins/passwd directory
Expand All @@ -31,8 +31,8 @@ For his original work check this [link](https://community.zarafa.com/pg/plugins/

## Notes
- Feedback/Bug Reports are welcome
- if anyone is good at creating icons then please help me add a good icon to change password tab (credits will be given)
- If anyone is good at creating icons then please help me add a good icon to change password tab (credits will be given)

## Todo
- add password strength meter on client side, so user can create complex passwords
- check on client side for empty fields
- Add password strength meter on client side, so user can create complex passwords
- Check on client side for empty fields
28 changes: 23 additions & 5 deletions php/class.passwdmodule.php
Expand Up @@ -89,20 +89,24 @@ public function saveInLDAP($data)

// check connection is successfull
if(ldap_errno($ldapconn) === 0) {
// get the users uid, if we have a multi tenant installation then remove company name from user name
$parts = explode('@', $data['username']);
$uid = $parts[0];

// search for the user dn that will be used to do login into LDAP
$userdn = ldap_search (
$ldapconn, // connection-identify
PLUGIN_PASSWD_LDAP_BASEDN, // basedn
"uid=".$uid, // search filter
array("dn") // needed attributes. we need the dn
'uid=' . $uid, // search filter
array('dn') // needed attributes. we need the dn
);

if ($userdn) {
$userdn = ldap_get_entries($ldapconn, $userdn);
$userdn = $userdn[0]['dn'];

// bind to ldap directory
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);

// login with current password if that fails then current password is wrong
$bind = ldap_bind($ladpconn, $userdn, $data['current_password']);
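Review bot: The `ldap_bind` call at the end of this hunk still passes `$ladpconn`, while every other call here uses `$ldapconn`. The commit corrects `$ds` in `ldap_set_option` but leaves this misspelling, so unless `$ladpconn` is defined outside the visible lines the bind receives an undefined value and the current-password check cannot succeed. Three further points in the same block: the search filter `'uid=' . $uid` is built from `$data['username']` without escaping, so filter metacharacters in the username alter the query (escape with `ldap_escape($uid, '', LDAP_ESCAPE_FILTER)` where available). `$userdn[0]['dn']` is read without checking that the search returned exactly one entry, and `if ($userdn)` does not cover the zero-match case. `LDAP_OPT_PROTOCOL_VERSION` should be set before `ldap_search`, not after it.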
Expand All @@ -117,6 +121,13 @@ public function saveInLDAP($data)
$return_mod = ldap_modify($ldapconn, $userdn, $entry);
if (ldap_errno($ldapconn) === 0) {
// password changed successfully

// write new password to session because we don't want user to re-authenticate
session_start();
$_SESSION['password'] = $passwd;
session_write_close();

// send feedback to client
$this->sendFeedback(true, array(
'info' => array(
'display_message' => _('Password is changed successfully.')
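Review bot: The added `$_SESSION['password'] = $passwd` block writes the new password in cleartext to session storage, and `session_start()` is called without checking whether a session is already active or rotating the session id after the credential change. If the session must carry the password to avoid re-authentication, guard the call (for example with `session_status()`), call `session_regenerate_id(true)` once the change succeeds, and add a comment naming the component that reads `$_SESSION['password']`. The success test also relies on `ldap_errno` while `$return_mod` is assigned and not checked in the visible lines.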
Expand Down Expand Up @@ -161,14 +172,21 @@ public function saveInDB($data)
$passwdRepeat = $data['new_password_repeat'];

if($this->checkPasswordStrenth($passwd)) {
$passwd_cmd = "/usr/bin/zarafa-passwd -u %s -o %s -p %s";
$passwd_cmd = '/usr/bin/zarafa-passwd -u %s -o %s -p %s';

// all information correct, change password
$cmd = sprintf($passwd_cmd, $data['username'], $data['current_password'], $passwd);
exec($cmd, $arrayout, $retval);

if ($retval === 0) {
// password changed successfully

// write new password to session because we don't want user to re-authenticate
session_start();
$_SESSION['password'] = $passwd;
session_write_close();

// send feedback to client
$this->sendFeedback(true, array(
'info' => array(
'display_message' => _('Password is changed successfully.')
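Review bot: The `exec` call in `saveInDB` builds its command with `sprintf` from `$data['username']`, `$data['current_password']` and `$passwd` with no shell quoting, and this change only swaps the quote style of `$passwd_cmd`. Any shell metacharacter in those user-supplied fields is interpreted by the shell. Wrap each argument in `escapeshellarg()` before `sprintf`, or invoke the tool without a shell. Passwords passed as `-o`/`-p` arguments are also visible in the process list while the command runs. The session write added after `$retval === 0` stores the password in cleartext and calls `session_start()` unconditionally, and `$passwdRepeat` is assigned here without a visible comparison against `$passwd`.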
Expand Down Expand Up @@ -222,7 +240,7 @@ function sshaEncode($text)
$salt .= substr('0123456789abcdef', rand(0, 15), 1);
}

$hash = '{SSHA}' . base64_encode(pack("H*",sha1($text . $salt)) . $salt);
$hash = '{SSHA}' . base64_encode(pack('H*',sha1($text . $salt)) . $salt);

return $hash;
}
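Review bot: The salt in `sshaEncode` is drawn with `rand(0, 15)`, which is not a cryptographically secure generator, and the change to the `$hash` line only alters quoting. Generate the salt from `openssl_random_pseudo_bytes()` (or `random_bytes()` on newer PHP) instead. The `{SSHA}` scheme itself is a single salted SHA-1, so a comment stating that the directory dictates this format would help readers who expect a slow password hash.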