tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-28 16:24:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

#12206 User password change limitation to local

Browse Source
This commit is contained in:
miguel angel rasteu 2023-10-09 16:03:04 +02:00
parent 116702e2b3
commit 041a13cb49
2 changed files with 61 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/general/login_page.php
View File

@ -418,7 +418,7 @@ switch ($login_screen) {
} }
if ($config['enterprise_installed']) { if ($config['enterprise_installed']) {
if ($config['reset_pass_option']) { if ($config['reset_pass_option'] && $config['auth'] === 'mysql') {
$reset_pass_link = 'reset_pass.php'; $reset_pass_link = 'reset_pass.php';
// Reset password link. // Reset password link.
echo '<div class="reset_password">'; echo '<div class="reset_password">';

116
pandora_console/godmode/users/configure_user.php
View File

@ -688,23 +688,55 @@ if ($update_user) {
$id_user = (string) get_parameter('id_user', ''); $id_user = (string) get_parameter('id_user', '');
if ($password_new != '') { if ($password_new != '') {
$correct_password = false; if ($config['auth'] !== 'mysql') {
ui_print_error_message(__('It is not possible to change the password because external authentication is being used'));
} else {
$correct_password = false;
$user_credentials_check = process_user_login($id_user, $own_password_confirm, true); $user_credentials_check = process_user_login($id_user, $own_password_confirm, true);
if ($user_credentials_check !== false) { if ($user_credentials_check !== false) {
$correct_password = true; $correct_password = true;
} }
if ((string) $password_confirm === (string) $password_new) { if ((string) $password_confirm === (string) $password_new) {
if ($correct_password === true || is_user_admin($config['id_user'])) { if ($correct_password === true || is_user_admin($config['id_user'])) {
if ((is_user_admin($config['id_user']) === false || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) { if ((is_user_admin($config['id_user']) === false || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
$pass_ok = login_validate_pass($password_new, $id, true); $pass_ok = login_validate_pass($password_new, $id, true);
if ($pass_ok != 1) { if ($pass_ok != 1) {
ui_print_error_message($pass_ok); ui_print_error_message($pass_ok);
} else {
$res2 = update_user_password($id, $password_new);
if ($res2) {
db_process_sql_insert(
'tsesion',
[
'id_sesion' => '',
'id_usuario' => $id,
'ip_origen' => $_SERVER['REMOTE_ADDR'],
'accion' => 'Password&#x20;change',
'descripcion' => 'Access password updated',
'fecha' => date('Y-m-d H:i:s'),
'utimestamp' => time(),
]
);
$res3 = save_pass_history($id, $password_new);
// Generate new API token.
$newToken = api_token_generate();
$res4 = update_user($id, ['api_token' => $newToken]);
}
ui_print_result_message(
$res1 || $res2,
__('User info successfully updated'),
__('Error updating user info (no change?)')
);
}
} else { } else {
$res2 = update_user_password($id, $password_new); $res2 = update_user_password($id, $password_new);
if ($res2) { if ($res2) {
$res3 = save_pass_history($id, $password_new);
db_process_sql_insert( db_process_sql_insert(
'tsesion', 'tsesion',
[ [
@ -717,7 +749,6 @@ if ($update_user) {
'utimestamp' => time(), 'utimestamp' => time(),
] ]
); );
$res3 = save_pass_history($id, $password_new);
// Generate new API token. // Generate new API token.
$newToken = api_token_generate(); $newToken = api_token_generate();
@ -731,54 +762,27 @@ if ($update_user) {
); );
} }
} else { } else {
$res2 = update_user_password($id, $password_new); if ($own_password_confirm === '') {
if ($res2) { ui_print_error_message(__('Password of the active user is required to perform password change'));
$res3 = save_pass_history($id, $password_new); } else {
db_process_sql_insert( ui_print_error_message(__('Password of active user is not correct'));
'tsesion',
[
'id_sesion' => '',
'id_usuario' => $id,
'ip_origen' => $_SERVER['REMOTE_ADDR'],
'accion' => 'Password&#x20;change',
'descripcion' => 'Access password updated',
'fecha' => date('Y-m-d H:i:s'),
'utimestamp' => time(),
]
);
// Generate new API token.
$newToken = api_token_generate();
$res4 = update_user($id, ['api_token' => $newToken]);
} }
ui_print_result_message(
$res1 || $res2,
__('User info successfully updated'),
__('Error updating user info (no change?)')
);
} }
} else { } else {
if ($own_password_confirm === '') { db_process_sql_insert(
ui_print_error_message(__('Password of the active user is required to perform password change')); 'tsesion',
} else { [
ui_print_error_message(__('Password of active user is not correct')); 'id_sesion' => '',
} 'id_usuario' => $id,
'ip_origen' => $_SERVER['REMOTE_ADDR'],
'accion' => 'Password&#x20;change',
'descripcion' => 'Access password update failed',
'fecha' => date('Y-m-d H:i:s'),
'utimestamp' => time(),
]
);
ui_print_error_message(__('Passwords does not match'));
} }
} else {
db_process_sql_insert(
'tsesion',
[
'id_sesion' => '',
'id_usuario' => $id,
'ip_origen' => $_SERVER['REMOTE_ADDR'],
'accion' => 'Password&#x20;change',
'descripcion' => 'Access password update failed',
'fecha' => date('Y-m-d H:i:s'),
'utimestamp' => time(),
]
);
ui_print_error_message(__('Passwords does not match'));
} }
} else { } else {
$has_skin = false; $has_skin = false;