
fixed change password, removed old form

Piotr Labudda 8 年 前
コミット
327d9472c9

+ 2 - 2
SE/se-lib/ProcesMenu.php

@@ -850,11 +850,11 @@ jQuery(document).ready(function() {
 								<?php elseif (file_exists('/Library/Server/Web/Data/Sites/Default/webmail')) : ?>
 									<li><a href="/webmail" target="_blank"><i class="glyphicon glyphicon-envelope"></i> Poczta</a></li>
 								<?php endif; ?>
-								<li><a href="/changepassword" target="_blank"><i class="glyphicon glyphicon-lock"></i> Zmień hasło</a></li>
+								<li><a href="index.php?_route=ChangePassword"><i class="glyphicon glyphicon-lock"></i> Zmień hasło</a></li>
 								<li><a href="/profilemanager" target="_blank"><i class="glyphicon glyphicon-user"></i> Apple Profile Manager</a></li>
 								<li class="divider"></li>
 							<?php else: ?>
-								<li><a href="index.php?LOGIN=PASSEDIT">Zmień hasło</a></li>
+								<li><a href="index.php?_route=ChangePassword">Zmień hasło</a></li>
 							<?php endif; ?>
 
 							<li><a href="procesy5.php?task=USER" title="<?php echo User::getName(); ?>"><i class="glyphicon glyphicon-user"></i> Profil</a></li>

+ 48 - 39
SE/se-lib/Route/ChangePassword.php

@@ -1,6 +1,7 @@
 <?php
 
 Lib::loadClass('RouteBase');
+Lib::loadClass('UI');
 
 class Route_ChangePassword extends RouteBase {
 
@@ -11,27 +12,22 @@ class Route_ChangePassword extends RouteBase {
 	}
 
 	public function defaultAction() {
-		SE_Layout::gora();
-		try {
-			$action = V::get('action', 'showForm', $_POST);
-			switch ($action) {
-				case "showForm":
-					self::showForm();
-					break;
-				case "changePassword":
-					self::changePassword();
-					break;
-				default:
-					throw new Exception("Błąd formularza");
-			}
-		} catch (Exception $e) {
-			SE_Layout::alert('danger', $e->getMessage());
+		$action = V::get('action', 'showForm', $_POST);
+		switch ($action) {
+			case "showForm": return UI::layout([ $this, 'showFormView' ], [ 'showMenu' => false ]);
+			case "changePassword": return UI::layout([ $this, 'changePasswordPostAction' ], [ 'showMenu' => false ]);
+			default: return UI::layout([ $this, 'nonExistsActionView' ], [ 'showMenu' => false ]);
 		}
 	}
 
-	private static function showForm() {
+	function nonExistsActionView() {
+		UI::startTag('div', [ 'class' => "col-sm-6 col-sm-offset-3" ]);
+		UI::alert('danger', "Błąd formularza");
+		UI::endTag('div');
+	}
+
+	function showFormView() {
 ?>
-<div class="container">
   <div class="row">
     <div class="col-sm-12 text-center">
       <h2>Zmiana hasła</h2>
@@ -72,19 +68,17 @@ class Route_ChangePassword extends RouteBase {
       </div>
     </div>
   </form>
-</div>
-<script language="JavaScript">
-<!--
+<script>
 $("input[type=password]").keyup(function(){
-    var ucase = new RegExp("[A-Z]+");
+	var ucase = new RegExp("[A-Z]+");
 	var lcase = new RegExp("[a-z]+");
 	var num = new RegExp("[0-9]+");
-	ok = 0;
+	var ok = 0;
 
 	if($("#oldPass").val().length > 0){
 		ok++;
 	}
-	
+
 	if($("#newPass").val().length >= 8){
 		$("#8char").removeClass("glyphicon-remove");
 		$("#8char").addClass("glyphicon-ok");
@@ -95,7 +89,7 @@ $("input[type=password]").keyup(function(){
 		$("#8char").addClass("glyphicon-remove");
 		$("#8char").css("color","#FF0004");
 	}
-	
+
 	if(ucase.test($("#newPass").val())){
 		$("#ucase").removeClass("glyphicon-remove");
 		$("#ucase").addClass("glyphicon-ok");
@@ -106,7 +100,7 @@ $("input[type=password]").keyup(function(){
 		$("#ucase").addClass("glyphicon-remove");
 		$("#ucase").css("color","#FF0004");
 	}
-	
+
 	if(lcase.test($("#newPass").val())){
 		$("#lcase").removeClass("glyphicon-remove");
 		$("#lcase").addClass("glyphicon-ok");
@@ -117,7 +111,7 @@ $("input[type=password]").keyup(function(){
 		$("#lcase").addClass("glyphicon-remove");
 		$("#lcase").css("color","#FF0004");
 	}
-	
+
 	if(num.test($("#newPass").val())){
 		$("#num").removeClass("glyphicon-remove");
 		$("#num").addClass("glyphicon-ok");
@@ -128,7 +122,7 @@ $("input[type=password]").keyup(function(){
 		$("#num").addClass("glyphicon-remove");
 		$("#num").css("color","#FF0004");
 	}
-	
+
 	if(($("#newPass").val() == $("#newPassConfirm").val()) && ($("#newPass").val().length > 0)){
 		$("#pwmatch").removeClass("glyphicon-remove");
 		$("#pwmatch").addClass("glyphicon-ok");
@@ -146,24 +140,39 @@ $("input[type=password]").keyup(function(){
 		document.getElementById('submit').disabled = true;
 	}
 });
--->
 </script>
 <?php
+		echo UI::h('div', [ 'class' => "col-sm-6 col-sm-offset-3", 'style' => "margin-top:32px" ], [
+			"Wróć do ",
+			UI::h('a', [ 'href' => Router::getRoute('Menu')->getLink() ], "menu"),
+		]);
 	}
 
-	private function changePassword() {
-		$oldPass = V::get('oldPass', '', $_POST);
-		$newPass = V::get('newPass', '', $_POST);
-		$newPassConfirm = V::get('newPassConfirm', '', $_POST);
-		if (!($oldPass && $newPass && ($newPass == $newPassConfirm))) throw new Exception("Błąd formularza");
-
+	function changePasswordPostAction() {
 		try {
-			$result = User::changePassword($oldPass, $newPass);
-			if ($result) SE_Layout::alert('success', "Pomyślnie zmieniono hasło");
-			else SE_Layout::alert('warning', "Nie zmieniono hasła");
+			$oldPass = V::get('oldPass', '', $_POST);
+			$newPass = V::get('newPass', '', $_POST);
+			$newPassConfirm = V::get('newPassConfirm', '', $_POST);
+			if (!($oldPass && $newPass && ($newPass == $newPassConfirm))) throw new Exception("Błąd formularza");
+			if ($oldPass == $newPass) throw new Exception("Wprowadź inne hasło niż poprzednio");
+
+			$result = User::changePassword(User::getLogin(), $oldPass, $newPass);
+
+			echo UI::h('div', [ 'class' => "col-sm-6 col-sm-offset-3" ], [
+				($result)
+				?	UI::h('div', [ 'class' => 'alert alert-success' ], "Pomyślnie zmieniono hasło")
+				:	UI::h('div', [ 'class' => 'alert alert-warning' ], "Nie zmieniono hasła"),
+				'<br>',
+				"Wróć do ",
+				UI::h('a', [ 'href' => Router::getRoute('ChangePassword')->getLink() ], "zmiany hasła"),
+				" lub do ",
+				UI::h('a', [ 'href' => Router::getRoute('Menu')->getLink() ], "menu"),
+			]);
 		} catch (Exception $e) {
-			SE_Layout::alert('danger', $e->getMessage());
-			self::showForm();
+			UI::startTag('div', [ 'class' => "col-sm-6 col-sm-offset-3" ]);
+			UI::alert('danger', $e->getMessage());
+			UI::endTag('div');
+			$this->showFormView();
 		}
 	}
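Review bot: The server-side checks in changePasswordPostAction (lines 165-166) use truthiness and loose `==`, so a password of `"0"` is rejected as empty and numeric-looking strings such as `"1e3"` and `"1000"` pass as a matching confirmation; compare explicitly, e.g. `if ($oldPass === '' || $newPass === '' || $newPass !== $newPassConfirm) throw new Exception("Błąd formularza");` and `if ($oldPass === $newPass) throw new Exception("Wprowadź inne hasło niż poprzednio");`. No anti-CSRF token is checked anywhere in the new POST handler and none is visible in the form output (the form body itself lies outside the hunk), so unless the framework adds one elsewhere the state-changing POST relies only on the old-password requirement — confirm before depending on it. The caught message is echoed through `UI::alert` on line 184; that is fine only if UI::alert HTML-escapes its text, which this hunk does not show.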
 

+ 0 - 5
SE/se-lib/Route/Users.php

@@ -1030,11 +1030,6 @@ class Route_Users extends RouteBase {
 		");
 		UI::dol();
 	}
-	public function passeditView($data = []) {
-		UI::gora();
-		UI::loadTemplate('passedit', $data);
-		UI::dol();
-	}
 	public function reloadPermsView($data = [], $fixUserPermsExecTime = 0) {
 		UI::gora();
 		UI::menu();

+ 26 - 46
SE/se-lib/User.php

@@ -3,6 +3,7 @@
 Lib::loadClass('UserProfile');
 Lib::loadClass('Router');
 Lib::loadClass('DebugExecutionTime');
+Lib::loadClass('UserStorageFactory');
 
 class User {
 
@@ -293,29 +294,6 @@ class User {
 				}
 				break;
 
-			case 'PASSEDIT':
-				if (User::logged()) {
-					$data = array();
-
-					if (!empty($_POST)) {
-						if (empty($_POST['ADM_PASSWD_NEW']) || empty($_POST['ADM_PASSWD'])) {
-							$data['msg'] = "Proszę podać stare i nowe hasło.";
-						}
-					}
-					if (!empty($_POST['ADM_PASSWD_NEW']) && !empty($_POST['ADM_PASSWD'])) {
-						$ret = User::changePasswd($_POST['ADM_PASSWD'], $_POST['ADM_PASSWD_NEW']);
-						if ($ret) {
-							$data['info'] = "Hasło zostało zmienione";
-						} else {
-							$data['error'] = "Nie udało się zmienić hasła";
-						}
-					}
-
-					Router::getRoute('Users')->passeditView($data);
-					exit;
-				}
-				break;
-
 			case 'ANONYMOUS_LOGIN':
 				if (!User::logged()) {
 					if ($data['ALLOW_GUEST_ACCOUNT'] != 1) {
@@ -609,23 +587,7 @@ class User {
 		return false;
 	}
 
-	public static function changePasswd($oldPass, $newPass) { //TODO chyba nieuzywane - Bzyk @ 2018-02-15
-		$db = DB::getDB();
-		$newPass = $db->_($newPass);
-		$oldPass = $db->_($oldPass);
-		$username = $db->_(self::getName());
-		$sql = "update `ADMIN_USERS` set
-				`ADM_PASSWD`=md5('{$newPass}')
-			where
-				`ADM_ACCOUNT`='{$username}' and
-				(`ADM_PASSWD`='{$oldPass}' or `ADM_PASSWD`=md5('{$oldPass}'))
-			limit 1;
-		";
-		$db->query($sql);
-		return ($db->affected_rows() > 0);
-	}
-
-	public static function changePassword($oldPass, $newPass) {
+	public static function changePassword($login, $oldPass, $newPass) {
 		if (!is_string($newPass)) throw new Exception("Błąd parametru");
 		if (strlen($newPass) < 8) throw new Exception("Hasło zbyt krótkie (min. 8 znaków)"); // TODO regex 1 mala litera, 1 mala litera, 1 cyfra, min. 8 znakow
 		if (!self::logged()) throw new Exception("Użytkownik niezalogwany");
@@ -634,19 +596,37 @@ class User {
 		$ldap = LDAP::getInstance();
 
 		if ($ldap != null && $ldap->isConnected()) {
-			return self::changePasswordLDAP($oldPass, $newPass);
+			return self::changePasswordLDAP($login, $oldPass, $newPass);
 		} else {
-			return self::changePasswordDB($oldPass, $newPass);
+			return self::changePasswordDB($login, $oldPass, $newPass);
 		}
 	}
 
-	public static function changePasswordLDAP($oldPass, $newPass) {
-		throw new Exception("changePassword::LDAP not implemented yet"); // TODO
+	public static function changePasswordLDAP($login, $oldPass, $newPass) {
+		$usrStorageLdap = UserStorageFactory::getStorage('MacOSX');
+		if (!$usrStorageLdap) throw new Exception("Error storage Ldap not exists");
+
+		try {
+			$user = self::loginByLDAP($login, $oldPass);
+		} catch (Exception $e) {
+			throw new Exception("Błędne hasło");
+		}
+		if (!$user) throw new Exception("Błąd weryfikacji użytkownika");
+
+		if (!$usrStorageLdap->changePassword($login, $newPass)) {
+			throw new Exception("Błąd podczas zmiany hasła");
+		}
+
+		$affected = DB::getPDO()->update('ADMIN_USERS', 'ID', $user->ID, [
+			'ADM_PASSWD' => '',
+			'ADM_PASSWD_AES' => hash('sha512', $newPass), // Mysql: SHA2('{$pass}', 512)
+		]);
+		return ($affected > 0);
 	}
 
-	public static function changePasswordDB($oldPass, $newPass) {
+	public static function changePasswordDB($login, $oldPass, $newPass) {
 		try {
-			$user = self::loginByDB(self::getLogin(), $oldPass);
+			$user = self::loginByDB($login, $oldPass);
 		} catch (Exception $e) {
 			throw new Exception("Błędne hasło");
 		}
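Review bot: changePasswordLDAP derives its return value from the DB mirror update on lines 302-306 after the directory password has already been changed on line 298, so a zero-row update makes the caller display "Nie zmieniono hasła" even though the LDAP password did change; the LDAP result should decide the return value, and a failed mirror update should be raised or logged as its own error, e.g. `if ($affected <= 0) throw new Exception("Hasło zmienione w LDAP, błąd aktualizacji bazy");`. The mirrored credential on line 304 is an unsalted `hash('sha512', $newPass)`, a fast hash that offers little protection if the table leaks; if loginByDB verifies against ADM_PASSWD_AES, consider moving both sides to `password_hash()`/`password_verify()`, which is a coordinated change outside this hunk. changePassword (line 269, its body partly outside the hunk) now takes `$login` from the caller but only checks `self::logged()`, so it will act on whichever account matches `$login`/`$oldPass`; bind it to the session with `if ($login !== self::getLogin()) throw new Exception("Błąd weryfikacji użytkownika");` or drop the parameter. The server-side policy remains `strlen($newPass) < 8` (line 271, the TODO), so the uppercase/lowercase/digit rules enforced only by the client-side script in ChangePassword.php should be mirrored here before dispatching to the storage backends.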

+ 0 - 29
SE/se-lib/tmpl/passedit.php

@@ -1,29 +0,0 @@
-<div class="container">
-	<form action="" method="POST" class="form-inline">
-		<fieldset>
-			<legend>Zmien hasło</legend>
-			<?php if (!empty($info)) : ?>
-				<div class="alert alert-info">
-					<?php echo $info; ?>
-				</div>
-			<?php endif; ?>
-			<?php if (!empty($msg)) : ?>
-				<div class="alert">
-					<strong>Warning!</strong> <?php echo $msg; ?>
-				</div>
-			<?php endif; ?>
-			<?php if (!empty($error)) : ?>
-				<div class="alert alert-danger">
-					<strong>Error!</strong> <?php echo $error; ?>
-				</div>
-			<?php endif; ?>
-			<input name="LOGIN" type="hidden" value="PASSEDIT">
-			<label for="ADM_PASSWD">Stare hasło:</label> <input type="password" name="ADM_PASSWD">
-			<label for="ADM_PASSWD_NEW">Nowe hasło:</label> <input type="password" name="ADM_PASSWD_NEW">
-			<input type="submit" value="Zmień" class="btn btn-primary">
-		</fieldset>
-	</form>
-	<p>
-		<a href="index.php" class="btn btn-sm" type="button"><i class="glyphicon glyphicon-arrow-left"></i> Wróć</a>
-	</p>
-</div>