Squiz Matrix  4.12.2
 All Data Structures Namespaces Functions Variables Pages
password_rules_config.inc
1 <?php
18 require_once SQ_LIB_PATH.'/config/config.inc';
19 require_once SQ_INCLUDE_PATH.'/general_occasional.inc';
20 
33 class Password_Rules_Config extends Config
34 {
35 
41  var $config_vars = Array(
42  'SQ_PASSWD_RULE_LENGTH' => Array('editable' => 1, 'default' => 6),
43  'SQ_PASSWD_RULE_DISALLOW_USER_INFO' => Array('editable' => 1, 'default' => 1),
44  'SQ_PASSWD_RULE_NUM_CAPS' => Array('editable' => 1, 'default' => 0),
45  'SQ_PASSWD_RULE_NUM_LOWER' => Array('editable' => 1, 'default' => 0),
46  'SQ_PASSWD_RULE_NUM_INT' => Array('editable' => 1, 'default' => 0),
47  'SQ_PASSWD_RULE_NUM_PUNC' => Array('editable' => 1, 'default' => 0),
48  'SQ_PASSWD_RULE_NUM_SPC' => Array('editable' => 1, 'default' => 0),
49  'SQ_PASSWD_RULE_DISALLOWED' => Array('editable' => 0, 'default' => -1),
50  'SQ_PASSWD_RULE_DISABLED' => Array('editable' => 0, 'default' => 0),
51  'SQ_PASSWD_RULE_BLACK_LIST' => Array('editable' => 1, 'default' => ''),
52  'SQ_PASSWD_RULE_BLACK_LIST_EXACT' => Array('editable' => 1, 'default' => 1),
53  );
54 
55 
60  function __construct()
61  {
62  parent::__construct();
63  $this->config_file = SQ_DATA_PATH.'/private/conf/password_rules.inc';
64 
65  }//end constructor
66 
67 
79  function save($vars, $backup_existing=FALSE, $send_message=TRUE)
80  {
81  if ($GLOBALS['SQ_SYSTEM']->runLevelEnables(SQ_SECURITY_PERMISSIONS)) {
82  $is_root = $GLOBALS['SQ_SYSTEM']->userRoot();
83  $is_admin = ($is_root || $GLOBALS['SQ_SYSTEM']->userSystemAdmin());
84 
85  // if we dont have access, go away
86  if (!$is_admin) {
87  trigger_localised_error('SYS0267', E_USER_WARNING, $this->name);
88  return FALSE;
89  }
90  }
91 
92  if (isset($vars['SQ_PASSWD_RULE_BLACK_LIST'])) {
93  $vars['SQ_PASSWD_RULE_BLACK_LIST']= trim($vars['SQ_PASSWD_RULE_BLACK_LIST']);
94  }
95 
96  return parent::save($vars, $backup_existing, $send_message);
97 
98  }//end save()
99 
100 
108  function canAcquireLock()
109  {
110  // need to be root or a sys admin
111  return ($GLOBALS['SQ_SYSTEM']->userRoot() || $GLOBALS['SQ_SYSTEM']->userSystemAdmin());
112 
113  }//end canAcquireLock()
114 
115 
122  function writeAccess()
123  {
124  if (!parent::writeAccess()) return FALSE;
125  if (!$GLOBALS['SQ_SYSTEM']->runLevelEnables(SQ_SECURITY_PERMISSIONS)) {
126  return TRUE;
127  }
128 
129  // need to be root or a sys admin
130  return ($GLOBALS['SQ_SYSTEM']->userRoot() || $GLOBALS['SQ_SYSTEM']->userSystemAdmin());
131 
132  }//end writeAccess()
133 
134 
148  function paintBackend(&$o)
149  {
150  parent::paintBackend($o);
151 
152  $write_access = $this->writeAccess();
153 
154  $is_root = $GLOBALS['SQ_SYSTEM']->userRoot();
155 
156  $class = get_class_lower($this);
157 
158  $o->openSection(translate('manage_passwd_rules'));
159 
160 
161  $o->openField(translate('min_length'), '', translate('specify_min_length_passwd'));
162  if ($write_access && $is_root) {
163  text_box($class.'[SQ_PASSWD_RULE_LENGTH]', SQ_PASSWD_RULE_LENGTH, 5);
164  } else {
165  echo SQ_PASSWD_RULE_LENGTH;
166  }
167  $o->closeField();
168 
169  $o->openField(translate('disallow_user_info'), '', translate('disallow_user_info_note'));
170  if ($write_access && $is_root) {
171  combo_box($class.'[SQ_PASSWD_RULE_DISALLOW_USER_INFO]', Array('0' => translate('yes'), '1' => translate('no')), FALSE, SQ_PASSWD_RULE_DISALLOW_USER_INFO);
172  } else {
173  echo (SQ_PASSWD_RULE_DISALLOW_USER_INFO) ? translate('no') : translate('yes');
174  }
175  $o->closeField();
176 
177  $o->openField(translate('character_rules'), '', translate('character_rules_note'));
178 
179  ?>
180  <table class="sq-backend-table">
181  <tr>
182  <td style="width: 50px;" class="sq-backend-table-header"><?php echo translate('active_question'); ?>?</td>
183  <td style="width: 200px;" class="sq-backend-table-header"><?php echo translate('character_type'); ?></td>
184  <td class="sq-backend-table-header"><?php echo translate('min_number'); ?></td>
185  <td style="width: 150px;" class="sq-backend-table-header"><?php echo translate('disallow_char_type_question'); ?></td>
186  </tr>
187  <?php
188  foreach (get_constant_values('SQ_PASSWD_RULE_NUM') as $password_rule => $value) {
189  ?>
190  <tr>
191  <td class="sq-backend-table-cell">
192  <?php
193  if ($write_access) {
194  check_box($class.'_active'.'['.$password_rule.']', '1', ($value != SQ_PASSWD_RULE_DISABLED ? TRUE : FALSE));
195  } else {
196  ?><img src="<?php echo sq_web_path('lib'); ?>/web/images/<?php echo $value != SQ_PASSWD_RULE_DISABLED ? 'tick' : 'cross'; ?>.gif" width="15" height="15" /><?php
197  }
198  ?>
199  </td>
200  <td class="sq-backend-table-cell">
201  <?php
202  switch ($password_rule) {
203  case 'SQ_PASSWD_RULE_NUM_CAPS':
204  echo ucfirst(translate('capital_letters'));
205  break;
206  case 'SQ_PASSWD_RULE_NUM_LOWER':
207  echo ucfirst(translate('lowercase_letters'));
208  break;
209  case 'SQ_PASSWD_RULE_NUM_INT':
210  echo ucfirst(translate('numeric_digits'));
211  break;
212  case 'SQ_PASSWD_RULE_NUM_PUNC':
213  echo ucfirst(translate('punctuation_characters'));
214  break;
215  case 'SQ_PASSWD_RULE_NUM_SPC':
216  echo ucfirst(translate('spaces'));
217  break;
218 
219  default:
220  continue;
221  }
222  ?>
223  </td>
224  <td class="sq-backend-table-cell">
225  <?php
226  if ($value != SQ_PASSWD_RULE_DISABLED && $value != SQ_PASSWD_RULE_DISALLOWED) {
227  if ($write_access) {
228  int_text_box($class.'['.$password_rule.']', $value, FALSE, 5);
229  } else {
230  echo $value;
231  }
232  } else {
233  echo '&nbsp;';
234  }
235  ?>
236  </td>
237  <td class="sq-backend-table-cell" style="text-align: center;">
238  <?php
239  // if disabled
240  if ($value == SQ_PASSWD_RULE_DISABLED) {
241  echo '&nbsp;';
242  } else {
243  if ($write_access) {
244  check_box($class.'_disallow'.'['.$password_rule.']', '1', ($value == SQ_PASSWD_RULE_DISALLOWED));
245  } else {
246  ?><img src="<?php echo sq_web_path('lib'); ?>/web/images/<?php echo $value == SQ_PASSWD_RULE_DISALLOWED ? 'tick' : 'cross'; ?>.gif" width="15" height="15" /><?php
247  }
248  }
249  ?>
250  </td>
251  </tr>
252  <?php
253  }//end foreach
254  ?>
255  </table>
256  <?php
257  $o->closeField();
258  $o->closeSection();
259 
260  $o->openSection(translate('passwd_blacklist'));
261  $o->openField(translate('word_list'), '', translate('word_list_note'));
262 
263  if ($write_access) {
264  text_area($class.'[SQ_PASSWD_RULE_BLACK_LIST]', SQ_PASSWD_RULE_BLACK_LIST, 30, 8);
265  } else {
266  echo nl2br(SQ_PASSWD_RULE_BLACK_LIST);
267  }
268  $o->closeField();
269 
270  $o->openField(translate('exact_match'));
271 
272  if ($write_access) {
273  check_box($class.'[SQ_PASSWD_RULE_BLACK_LIST_EXACT]', '1', SQ_PASSWD_RULE_BLACK_LIST_EXACT);
274  } else {
275  ?><img src="<?php echo sq_web_path('lib'); ?>/web/images/<?php echo SQ_PASSWD_RULE_BLACK_LIST_EXACT ? 'tick' : 'cross'; ?>.gif" width="15" height="15" /><?php
276  }
277 
278  $o->closeField();
279 
280  $o->closeSection();
281 
282  if ($write_access) $o->commitButton('', TRUE);
283 
284  }//end paintBackend()
285 
286 
297  function processBackend(&$o)
298  {
299  $class = get_class_lower($this);
300  require_once $this->config_file;
301 
302  $const = get_constant_values('SQ_PASSWD_RULE_NUM');
303  foreach ($const as $password_rule => $value) {
304  // get the values from $_POST[password_rules_config(_enable)][password_rule]
305  eval('$active_check_box = isset($_POST'."['".$class.'_active'."']"."['".$password_rule."']".');');
306  eval('$disallow_check_box = isset($_POST'."['".$class.'_disallow'."']"."['".$password_rule."']".');');
307  eval('$text_box = (isset($_POST'."['".$class."']"."['".$password_rule."']".') ? $_POST'."['".$class."']"."['".$password_rule."']".' : false);');
308 
309  if ($disallow_check_box) {
310  if ($active_check_box) {
311  $_POST[$class][$password_rule] = SQ_PASSWD_RULE_DISALLOWED;
312  } else {
313  $_POST[$class][$password_rule] = SQ_PASSWD_RULE_DISABLED;
314  }
315  } else {
316  if ($active_check_box) {
317  if ($text_box === FALSE) {
318  $_POST[$class][$password_rule] = 1;
319  }
320  } else {
321  $_POST[$class][$password_rule] = SQ_PASSWD_RULE_DISABLED;
322  }
323  }
324  }
325 
326  if (!isset($_POST[$class]['SQ_PASSWD_RULE_BLACK_LIST_EXACT'])) {
327  $_POST[$class]['SQ_PASSWD_RULE_BLACK_LIST_EXACT'] = 0;
328  } else {
329  $_POST[$class]['SQ_PASSWD_RULE_BLACK_LIST_EXACT'] = 1;
330  }
331 
332  return parent::processBackend($o);
333 
334  }//end processBackend()
335 
336 
337 }//end class
338 
339 ?>