diff options
Diffstat (limited to 'mayor-orig/www/policy/public/password')
4 files changed, 0 insertions, 158 deletions
diff --git a/mayor-orig/www/policy/public/password/changeMyPassword-pre.php b/mayor-orig/www/policy/public/password/changeMyPassword-pre.php deleted file mode 100644 index e9ef2f3c..00000000 --- a/mayor-orig/www/policy/public/password/changeMyPassword-pre.php +++ /dev/null @@ -1,72 +0,0 @@ -<?php - - if (_RIGHTS_OK !== true) die(); - - _clearSessionCache($sessionID); - unsetTokenCookies(); // ha valaki ide tévedne, visszavonjuk a Tokenjét és a cache-t is vissza kell - - $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES); - $userAccount = readVariable($_REQUEST['userAccount'], 'emptystringnull', (defined('_USERACCOUNT'))?_USERACCOUNT:null); - - if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) { - require_once(_CONFIGDIR."/$toPolicy-conf.php"); - } - - if ($AUTH[$toPolicy]['enableSelfPasswordChange']) { - - // Az elküldött név+jelszó ellenőrzése - if ($action == 'changePassword') { - - - require_once('include/modules/auth/base/login.php'); - - if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) { - require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php'); - } - if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) { - require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php'); - } - if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) { - require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php'); - } - - $userPassword = readVariable($_POST['userPassword'], 'emptystringnull'); - $newPassword = readVariable($_POST['newPassword'], 'emptystringnull'); - $verification = readVariable($_POST['verification'], 'emptystringnull'); - - if ($verification == '' or $newPassword == '') { - $_SESSION['alert'][] = 'message:empty_field'; - } elseif ($verification != $newPassword) { - $_SESSION['alert'][] = 'message:pw_not_match'; - } elseif ($userPassword == $newPassword) { - $_SESSION['alert'][] = 'message:pw_not_changed'; - } else { - - $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); - if ($result >= _AUTH_FAILURE) { - $_SESSION['alert'][] = 'message:auth_failure'; // megj: a hibaüzenetet a userAuthentication egyébként generálja. kell ez? - } else { - - if (changeMyPassword($userAccount, $userPassword, $newPassword, $toPolicy)) { -// Újra be kell jelentkezni mindenképp... -// updateSessionPassword($userAccount, $toPolicy, $verification); -// if (validUser($sessionID,$policy)) -// header('Location: '.location("index.php?policy=$toPolicy&sessionID=".$sessionID, array('alert'))); -// else - header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert'))); - } else { - $_SESSION['alert'][] = 'message:pw_change_failed'; - } - } - - } - - } // action - - } else { - - $_SESSION['alert'][] = 'page:pw_change_disabled'; - - } - -?> diff --git a/mayor-orig/www/policy/public/password/changeMyPassword.php b/mayor-orig/www/policy/public/password/changeMyPassword.php deleted file mode 100644 index 29ebbf10..00000000 --- a/mayor-orig/www/policy/public/password/changeMyPassword.php +++ /dev/null @@ -1,9 +0,0 @@ -<?php - - if (_RIGHTS_OK !== true) die(); - - global $userAccount, $toPolicy; - - putChangePasswordForm($userAccount, $toPolicy); - -?> diff --git a/mayor-orig/www/policy/public/password/resetPassword-pre.php b/mayor-orig/www/policy/public/password/resetPassword-pre.php deleted file mode 100644 index 3590f27a..00000000 --- a/mayor-orig/www/policy/public/password/resetPassword-pre.php +++ /dev/null @@ -1,68 +0,0 @@ -<?php - if (_RIGHTS_OK !== true) die(); - - $selector = readVariable($_POST['selector'], 'string', readVariable($_GET['selector'], 'hexa', null)); - $validator = readVariable($_POST['validator'], 'string', readVariable($_GET['validator'], 'hexa', null)); - - if ($validator!='') { - $q = "SELECT * FROM accountRecovery WHERE selector = '%s' AND expires >= NOW()"; - $r = db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'record','values'=>array($selector))); - } - if (!is_array($r)) { - $_SESSION['alert']['page'] = 'message:wrong_data:A jelszó-helyreállítási kérelem nem létezik, vagy lejárt!'; - } else { - - $calc = hash('sha256', hex2bin($validator)); - if (hash_equals($calc, $r['token'])) { - // The reset token is valid. Authenticate the user. - //dump($r); - $ADAT = $r; - $ADAT['validator'] = $validator; - - $toPolicy = $r['policy']; - $userAccount = $r['userAccount']; - - if (file_exists(_CONFIGDIR."/$toPolicy-conf.php")) { - require_once(_CONFIGDIR."/$toPolicy-conf.php"); - } - - if ($AUTH[$toPolicy]['enablePasswordReset']) { - - if ($action == 'resetPassword') { - - if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php')) { - require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/session/base.php'); - } - if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php')) { - require_once('include/backend/'.$AUTH[$toPolicy]['backend'].'/password/changePassword.php'); - } - - $newPassword = readVariable($_POST['newPassword'], 'emptystringnull'); - $verification = readVariable($_POST['verification'], 'emptystringnull'); - - if ($verification == '' or $newPassword == '') { - $_SESSION['alert'][] = 'message:empty_field'; - } elseif ($verification != $newPassword) { - $_SESSION['alert'][] = 'message:pw_not_match'; - } else { - if (changePassword($userAccount, $newPassword, $toPolicy)) { - $q = "DELETE FROM accountRecovery WHERE userAccount = '%s'"; - db_query($q, array('debug'=>false,'fv'=>'getPasswordRecoveryRequest','modul'=>'login','result'=>'delete','values'=>array($userAccount))); - header('Location: '.location("index.php?page=auth&f=login&toPolicy=$toPolicy", array('alert'))); - } else { - $_SESSION['alert'][] = 'message:pw_change_failed'; - } - } - } - - } else { - $_SESSION['alert'][] = 'page:pw_reset_disabled'; - } - - } else { - $_SESSION['alert']['page'] = 'message:insufficient_access:A jelszó-helyreállítási kérelem nem érvényes!'; - } - - } - -?> diff --git a/mayor-orig/www/policy/public/password/resetPassword.php b/mayor-orig/www/policy/public/password/resetPassword.php deleted file mode 100644 index eaefcc8c..00000000 --- a/mayor-orig/www/policy/public/password/resetPassword.php +++ /dev/null @@ -1,9 +0,0 @@ -<?php - - if (_RIGHTS_OK !== true) die(); - - global $ADAT; - - if ($ADAT['userAccount']!='') putResetPasswordForm($ADAT); - -?> |