packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/includes/functions.php
author Dan Fuhry <dan@fuhry.us>
Fri, 11 Jan 2013 00:32:54 -0500
changeset 3 a044870a9d3d
parent 0 3906ca745819
child 4 2212b2ded8bf
permissions -rw-r--r--
Added password reset function
<?php
/**
 * Send an HTTP 302 redirect to the given URL and stop the script.
 *
 * NOTE(review): $url is written into the Location header unchanged. Nothing
 * in this function restricts the target to this site, so a caller that
 * passes a request-derived value should validate it first; otherwise the
 * page can be used as an open redirect.
 *
 * @param string Redirect target
 */
function redirect($url)
{
	header('HTTP/1.1 302 Found');
	header('Location: ' . $url);
	// Nothing after the redirect may run, so end the request here.
	exit();
}
/**
 * Queue a message that will be displayed in a box on the next page load.
 *
 * The entry is appended to $_SESSION['messages'] exactly as given. No
 * escaping happens here, so the code that renders the queue has to
 * HTML-escape the message text if any part of it can come from user input.
 *
 * @param int Message type (E_NOTICE, E_WARNING, E_ERROR)
 * @param string Message string
 */
function queue_message($code, $message)
{
	$entry = array();
	$entry['code'] = $code;
	$entry['message'] = $message;

	$_SESSION['messages'][] = $entry;
}
/**
 * Return the next available UID by delegating to get_next_available_uid().
 *
 * NOTE(review): the smarty_function_ prefix suggests this is called from
 * Smarty templates; the registration is not visible in this file - confirm.
 *
 * @return mixed whatever get_next_available_uid() returns
 */
function smarty_function_get_next_uid()
{
	$next_uid = get_next_available_uid();

	return $next_uid;
}
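/**
 * Load the web UI configuration from /usr/local/etc/ssoinabox/webcreds.yml.
 *
 * Every key in the required list must be present, otherwise the script is
 * terminated. Keys written entirely in capitals and underscores become
 * constants; every other key is copied into $GLOBALS under the same name.
 *
 * NOTE(review): the list includes hmac_secret and, judging by their names,
 * ldap_manager and kerberos_admin hold privileged credentials. Values copied
 * into $GLOBALS are readable by all code that runs in the request, and the
 * YAML file itself should be readable only by the account PHP runs as.
 */
function load_credentials()
{
	$config = yaml_parse_file("/usr/local/etc/ssoinabox/webcreds.yml");

	// yaml_parse_file() returns false when the file is missing or malformed.
	// Without this guard the loop below would blame the first required key,
	// which hides the real cause. The message deliberately omits the path.
	if ( !is_array($config) )
		die("Configuration file could not be loaded");

	$keys = array('LDAP_BASEDN', 'UID_MIN', 'GID_MIN', 'ldap_server', 'ldap_manager', 'ldap_user_basedn', 'ldap_group_basedn', 'kerberos_admin', 'PHONE_EXT_MIN', 'hmac_secret');
	
	foreach ( $keys as $key )
	{
		// isset() is also false for a key whose value is null, so an empty
		// YAML entry is rejected the same way as a missing one.
		if ( !isset($config[$key]) )
			die("Config key $key is not set");
		
		// ALL_CAPS keys become constants, the rest become global variables.
		if ( preg_match('/^[A-Z_]+$/', $key) )
			define($key, $config[$key]);
		else
			$GLOBALS[$key] = $config[$key];
	}
}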
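/**
 * Test a password's policy compliance
 *
 * Policy as implemented: at least 8 bytes long and at least 6 distinct bytes.
 * Passwords of 16 bytes or fewer must additionally contain a lowercase
 * letter, an uppercase letter, a digit and a non-alphanumeric character;
 * longer passwords skip the character-class checks.
 *
 * Lengths are measured with strlen(), i.e. in bytes, so a multi-byte UTF-8
 * character counts more than once.
 *
 * Callers must compare the result with === true: a failure is reported as a
 * non-empty string, which is truthy in a plain if ().
 *
 * @param string password
 * @return mixed true if compliant, otherwise a string describing why it isn't
 */
function test_password($str)
{
	if ( strlen($str) < 8 )
		return 'must be at least 8 characters in length';
	
	if ( countUniqueChars($str) < 6 )
		return 'must have at least 6 unique characters';
	
	// Character-class rules apply only to passwords of up to 16 bytes.
	if ( strlen($str) <= 16 )
	{
		if ( !preg_match('/[a-z]/', $str) )
			return 'must contain at least one lowercase letter';
		
		// Each check below used to repeat the "lowercase" text, so the user
		// was told the wrong reason for the rejection.
		if ( !preg_match('/[A-Z]/', $str) )
			return 'must contain at least one uppercase letter';
		
		if ( !preg_match('/[0-9]/', $str) )
			return 'must contain at least one digit';
		
		if ( !preg_match('/[^A-Za-z0-9]/', $str) )
			return 'must contain at least one non-alphanumeric character';
	}
	
	return true;
}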
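/**
 * Count the distinct bytes in a string.
 *
 * The count is byte-wise, so a multi-byte UTF-8 character contributes one
 * entry per distinct byte rather than one per character.
 *
 * @param string Input string
 * @return int Number of distinct bytes
 */
function countUniqueChars($str)
{
	// count_chars() mode 3 returns a string holding each byte that occurs
	// exactly once. This replaces the $str{$i} offset syntax, which current
	// PHP versions reject as a parse error, and the unused $count local.
	return strlen(count_chars($str, 3));
}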