Subversion Repositories ALCASAR

Rev

Rev 2272 | Rev 2809 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2272 tom.houday 1
<?php
2
# $Id: password.php 2450 2017-12-05 21:53:42Z tom.houdayer $
3
#
4
# change user password on ALACASAR NAC
5
# Copyright (C) 2003, 2004 Mondru AB.
6
# Copyright (C) 2008-20017 ANGEL95 & REXY
7
 
8
/****************************************************************
9
*			GLOBAL FILE PATHS			*
10
*****************************************************************/
11
define('CONF_FILE', '/usr/local/etc/alcasar.conf');
12
 
13
/****************************************************************
14
*			FILE reading test			*
15
*****************************************************************/
16
$conf_files = array(CONF_FILE);
17
foreach ($conf_files as $file) {
18
	if (!file_exists($file)) {
19
		exit("Fichier $file non présent");
20
	}
21
	if (!is_readable($file)) {
22
		exit("Vous n'avez pas les droits de lecture sur le fichier $file");
23
	}
24
}
25
 
26
/****************************************************************
27
*			Read CONF_FILE				*
28
*****************************************************************/
29
$file_conf = fopen(CONF_FILE, 'r');
30
if (!$file_conf) {
31
	exit('Error opening the file '.CONF_FILE);
32
}
33
while (!feof($file_conf)) {
34
	$buffer = fgets($file_conf, 4096);
35
	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
2450 tom.houday 36
		$tmp = explode('=', $buffer, 2);
37
		$conf[trim($tmp[0])] = trim($tmp[1]);
2272 tom.houday 38
	}
39
}
40
fclose($file_conf);
41
 
42
// Redirect to HTTPS
43
if ((!isset($_SERVER['HTTPS'])) || (empty($_SERVER['HTTPS'])) || ($_SERVER['HTTPS'] === 'off')) {
44
	header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
45
	exit();
46
}
47
 
48
require('/etc/freeradius-web/config.php');
49
 
50
$current_page = htmlspecialchars($_SERVER['PHP_SELF']);
51
$homepage = (((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')) ? 'https' : 'http').'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
52
 
53
// Choice of language
54
$Language = 'en';
55
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
56
	$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
57
	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
58
}
59
if ($Language === 'es') {		// Spanish
60
	$l_title			= "User password change";
61
	$l_form_l1			= "User";
62
	$l_form_l2			= "Old password";
63
	$l_form_l3			= "New password";
64
	$l_form_l4			= "New password (confirmation)";
65
	$l_eval_pass			= "Score :";
66
	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
67
	$l_form_button_valid		= "Modify";
68
	$l_form_button_retour		= "Cancel";
69
	$l_form_result1			= "Your password has been successfuly changed";
70
	$l_form_result2			= "Error when trying to change password";
71
} else if ($Language === 'pt') {	// Portuguese
72
	$l_title			= "Alteração de senha do usuário";
73
	$l_form_l1			= "Usuário";
74
	$l_form_l2			= "Senha antiga";
75
	$l_form_l3			= "Nova senha";
76
	$l_form_l4			= "Nova senha (confirmação)";
77
	$l_eval_pass			= "Resultado:";
78
	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
79
	$l_form_button_valid		= "Modificar";
80
	$l_form_button_retour		= "Cancelar";
81
	$l_form_result1			= "Sua senha foi alterada com sucesso";
82
	$l_form_result2			= "Erro ao tentar alterar a senha";
83
} else if ($Language === 'de') {	// German
84
	$l_title			= "User password change";
85
	$l_form_l1			= "User";
86
	$l_form_l2			= "Old password";
87
	$l_form_l3			= "New password";
88
	$l_form_l4			= "New password (confirmation)";
89
	$l_eval_pass			= "Score :";
90
	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
91
	$l_form_button_valid		= "Modify";
92
	$l_form_button_retour		= "Cancel";
93
	$l_form_result1			= "Your password has been successfuly changed";
94
	$l_form_result2			= "Error when trying to change password";
95
} else if ($Language === 'nl') {	// Dutch
96
	$l_title			= "User password change";
97
	$l_form_l1			= "User";
98
	$l_form_l2			= "Old password";
99
	$l_form_l3			= "New password";
100
	$l_form_l4			= "New password (confirmation)";
101
	$l_eval_pass			= "Score :";
102
	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
103
	$l_form_button_valid		= "Modify";
104
	$l_form_button_retour		= "Cancel";
105
	$l_form_result1			= "Your password has been successfuly changed";
106
	$l_form_result2			= "Error when trying to change password";
107
} else if ($Language === 'zh') {	// Chinese
108
	$l_title			= "修改用户密码";
109
	$l_form_l1			= "用户";
110
	$l_form_l2			= "旧密码";
111
	$l_form_l3			= "新密码";
112
	$l_form_l4			= "新密码(确认)";
113
	$l_eval_pass			= ""; // TODO: to translate
114
	$l_passwordmeter		= "技术支持 'Shibbo Password Analyser'";
115
	$l_form_button_valid		= "修改";
116
	$l_form_button_retour		= "取消";
117
	$l_form_result1			= "您的密码已成功修改";
118
	$l_form_result2			= "修改密码出错";
119
} else if ($Language === 'ar') {	// Arabic
120
	$l_title			= "تغيير كلمة المرور للمستخدم";
121
	$l_form_l1			= "المستعمل";
122
	$l_form_l2			= "كلمه السر القديمة";
123
	$l_form_l3			= "كلمة السر الجديدة";
124
	$l_form_l4			= "كلمة السر الجديدة (أكد)";
125
	$l_eval_pass			= ""; // TODO: to translate
126
	$l_passwordmeter		= "مشغل بواسطة 'Shibbo Password Analyser'";
127
	$l_form_button_valid		= "تغيير";
128
	$l_form_button_retour		= "إلغاء";
129
	$l_form_result1			= "تم تغيير الرقم السري بنجاح";
130
	$l_form_result2			= "خطأ عند محاولة تغيير كلمة المرور";
131
} else if ($Language === 'fr') {	// French
132
	$l_title			= "Changement de mot de passe utilisateur";
133
	$l_form_l1			= "Utilisateur :";
134
	$l_form_l2			= "Ancien mot de passe :";
135
	$l_form_l3			= "Nouveau mot de passe :";
136
	$l_form_l4			= "Nouveau mot de passe (confirmation) :";
137
	$l_eval_pass			= "Score :";
138
	$l_passwordmeter		= "Propulsé par 'Shibbo Password Analyser'";
139
	$l_form_button_valid		= "Modifier";
140
	$l_form_button_retour		= "Annuler";
141
	$l_form_result1			= "Votre mot de passe a été modifié avec succès";
142
	$l_form_result2			= "Erreur de changement de mot de passe";
143
} else {				// English
144
	$l_title			= "User password change";
145
	$l_form_l1			= "User";
146
	$l_form_l2			= "Old password";
147
	$l_form_l3			= "New password";
148
	$l_form_l4			= "New password (confirmation)";
149
	$l_eval_pass			= "Score:";
150
	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
151
	$l_form_button_valid		= "Modify";
152
	$l_form_button_retour		= "Cancel";
153
	$l_form_result1			= "Your password has been successfuly changed";
154
	$l_form_result2			= "Error when trying to change password";
155
}
156
 
157
if (isset($action)) {
158
	if ($action === 'checkpass') {
159
		if (!is_file("acc/manager/lib/sql/drivers/$config[sql_type]/functions.php")) {
160
			exit('<b>Could not include SQL library</b>');
161
		}
162
		require_once("acc/manager/lib/sql/drivers/$config[sql_type]/functions.php");
163
		$link = @da_sql_pconnect($config);
164
		if ($link) {
165
			$sql = "SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login' AND attribute = '$config[sql_password_attribute]';";
166
			$res = @da_sql_query($link,$config, $sql);
167
			if ($res) {
168
				$row = @da_sql_fetch_array($res, $config);
169
				if (!is_file("acc/manager/lib/crypt/$config[general_encryption_method].php")) {
170
					exit('<b>Could not open encryption library file</b>');
171
				}
172
				include("acc/manager/lib/crypt/$config[general_encryption_method].php");
173
				$enc_passwd = $row['value'];
174
				$passwd     = da_encrypt($passwd,$enc_passwd);
175
				$newpasswd  = da_encrypt($newpasswd,$enc_passwd);
176
				$newpasswd2 = da_encrypt($newpasswd2,$enc_passwd);
177
				if (($passwd === $enc_passwd) && ($newpasswd === $newpasswd2)) {
178
					$sql = "UPDATE $config[sql_check_table] SET value='$newpasswd' WHERE username = '$login' AND attribute = '$config[sql_password_attribute]';";
179
					$res2 = @da_sql_query($link, $config, $sql);
180
					$changePasswordMessage = '<font color=blue><b>'.$l_form_result1.'</b></font>';
181
				} else {
182
					$changePasswordMessage = '<font color=red><b>'.$l_form_result2.'</b></font>';
183
				}
184
			}
185
		}
186
	}
187
}
188
 
189
// Cleaning the cache
190
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
191
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
192
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
193
header('Cache-Control: post-check=0, pre-check=0', false);
194
header('Pragma: no-cache');
195
?>
196
<!DOCTYPE html>
197
<html>
198
	<head>
199
		<meta charset="UTF-8">
200
		<title>ALCASAR - <?= $l_title ?></title>
201
		<link rel="stylesheet" href="css/pass.css" type="text/css">
202
		<link rel="stylesheet" href="css/style_intercept.css" type="text/css">
203
		<link rel="stylesheet" href="css/pwdmeter.css" type="text/css">
204
		<!--[if lt IE 7]>
205
			<link rel="stylesheet" href="css/ie.css" type="text/css">
206
		<![endif]-->
207
		<script src="js/pwdmeter.js"></script>
208
	</head>
209
	<body>
210
		<div id="cadre_titre" class="titre_controle">
211
			<p id="acces_controle" class="titre_controle"><?= $l_title ?></p>
212
			<div id="boite_logo"><img src="/images/organisme.png"></div>
213
		</div>
214
		<div id="contenu_acces">
215
			<form name="master" action="<?= $current_page ?>" method="post">
216
				<input type="hidden" name="action" value="checkpass">
217
				<table id="champs_pass" border="0">
218
					<tr>
219
						<td class="first_item"><?= $l_form_l1 ?></td>
220
						<td><input type="text" name="login" value="" label="test"></td>
221
					</tr>	
222
					<tr>
223
						<td class="first_item"><?= $l_form_l2 ?></td>
224
						<td><input type="password" name="passwd" value=""></td>
225
					</tr>
226
					<tr>
227
						<td class="first_item"><?= $l_form_l3 ?></td>
228
						<td>
229
							<input type="password" name="newpasswd" id="passwordPwd" value="" autocomplete="off" onkeyup="chkPass(this.value);" />
230
							<input type="text" id="passwordTxt" name="passwordTxt" autocomplete="off" onkeyup="chkPass(this.value);" class="hide" />
231
						</td>
232
					</tr>
233
					<tr>
234
						<td class="first_item"><?= $l_eval_pass ?></td>
235
						<td>
236
							<div id="scorebarBorder">
237
								<div id="score">0%</div>
238
								<div id="scorebar">&nbsp;</div>
239
							</div>
240
							<div id="complexity"></div>
241
						</td>
242
					</tr>
243
					<tr>
244
						<td colspan="2" id="lien_pass"><?= $l_passwordmeter ?></td>
245
					</tr>
246
					<tr>
247
						<td class="first_item"><?= $l_form_l4 ?></td>
248
						<td><input type="password" name="newpasswd2" value=""></td>
249
					</tr>
250
					<tr>
251
						<td colspan="2" id="lien_pass">
252
							<input type="submit" class="btn_form" id="btn_pass" value="<?= $l_form_button_valid ?>">
253
							<input type="button" class="btn_form" id="btn_retour" value="<?= $l_form_button_retour ?>" onclick="window.location = '<?= $homepage ?>';">
254
						</td>
255
					</tr>
256
					<?php if (isset($changePasswordMessage)): ?>
257
						<tr>
258
							<td colspan="2"><?= $changePasswordMessage ?></td>
259
						</tr>
260
					<?php endif; ?>
261
				</table>
262
			</form>
263
		</div>
264
		<div id="info_pass">
265
			<table id="tablePwdStatus" cellpadding="5" cellspacing="1" border="0">
266
				<tr>
267
					<th colspan="2">Additions</th>
268
					<th class="txtCenter">Type</th>
269
					<th class="txtCenter">Rate</th>
270
					<th class="txtCenter">Count</th>
271
					<th class="txtCenter">Bonus</th>
272
				</tr>
273
				<tr>
274
					<td width="1%"><div id="div_nLength" class="fail">&nbsp;</div></td>
275
					<td width="94%">Number of Characters</td>
276
					<td width="1%" class="txtCenter">Flat</td>
277
					<td width="1%" class="txtCenter italic">+(n*4)</td>
278
					<td width="1%"><div id="nLength" class="box">&nbsp;</div></td>
279
					<td width="1%"><div id="nLengthBonus" class="boxPlus">&nbsp;</div></td>
280
				</tr>
281
				<tr>
282
					<td><div id="div_nAlphaUC" class="fail">&nbsp;</div></td>
283
					<td>Uppercase Letters</td>
284
					<td class="txtCenter">Cond/Incr</td>
285
					<td nowrap="nowrap" class="txtCenter italic">+((len-n)*2)</td>
286
					<td><div id="nAlphaUC" class="box">&nbsp;</div></td>
287
					<td><div id="nAlphaUCBonus" class="boxPlus">&nbsp;</div></td>
288
				</tr>	
289
				<tr>
290
					<td><div id="div_nAlphaLC" class="fail">&nbsp;</div></td>
291
					<td>Lowercase Letters</td>
292
					<td class="txtCenter">Cond/Incr</td>
293
					<td class="txtCenter italic">+((len-n)*2)</td>
294
					<td><div id="nAlphaLC" class="box">&nbsp;</div></td>
295
					<td><div id="nAlphaLCBonus" class="boxPlus">&nbsp;</div></td>
296
				</tr>
297
				<tr>
298
					<td><div id="div_nNumber" class="fail">&nbsp;</div></td>
299
					<td>Numbers</td>
300
					<td class="txtCenter">Cond</td>
301
					<td class="txtCenter italic">+(n*4)</td>
302
					<td><div id="nNumber" class="box">&nbsp;</div></td>
303
					<td><div id="nNumberBonus" class="boxPlus">&nbsp;</div></td>
304
				</tr>
305
				<tr>
306
					<td><div id="div_nSymbol" class="fail">&nbsp;</div></td>
307
					<td>Symbols</td>
308
					<td class="txtCenter">Flat</td>
309
					<td class="txtCenter italic">+(n*6)</td>
310
					<td><div id="nSymbol" class="box">&nbsp;</div></td>
311
					<td><div id="nSymbolBonus" class="boxPlus">&nbsp;</div></td>
312
				</tr>
313
				<tr>
314
					<td><div id="div_nMidChar" class="fail">&nbsp;</div></td>
315
					<td>Middle Numbers or Symbols</td>
316
					<td class="txtCenter">Flat</td>
317
					<td class="txtCenter italic">+(n*2)</td>
318
					<td><div id="nMidChar" class="box">&nbsp;</div></td>
319
					<td><div id="nMidCharBonus" class="boxPlus">&nbsp;</div></td>
320
				</tr>
321
				<tr>
322
					<td><div id="div_nRequirements" class="fail">&nbsp;</div></td>
323
					<td>Requirements</td>
324
					<td class="txtCenter">Flat</td>
325
					<td class="txtCenter italic">+(n*2)</td>
326
					<td><div id="nRequirements" class="box">&nbsp;</div></td>
327
					<td><div id="nRequirementsBonus" class="boxPlus">&nbsp;</div></td>
328
				</tr>
329
				<tr>
330
					<th colspan="6">Deductions</th>
331
				</tr>
332
				<tr>
333
					<td width="1%"><div id="div_nAlphasOnly" class="pass">&nbsp;</div></td>
334
					<td width="94%">Letters Only</td>
335
					<td width="1%" class="txtCenter">Flat</td>
336
					<td width="1%" class="txtCenter italic">-n</td>
337
					<td width="1%"><div id="nAlphasOnly" class="box">&nbsp;</div></td>
338
					<td width="1%"><div id="nAlphasOnlyBonus" class="boxMinus">&nbsp;</div></td>
339
				</tr>	
340
				<tr>
341
					<td><div id="div_nNumbersOnly" class="pass">&nbsp;</div></td>
342
					<td>Numbers Only</td>
343
					<td class="txtCenter">Flat</td>
344
					<td class="txtCenter italic">-n</td>
345
					<td><div id="nNumbersOnly" class="box">&nbsp;</div></td>
346
					<td><div id="nNumbersOnlyBonus" class="boxMinus">&nbsp;</div></td>
347
				</tr>	
348
				<tr>
349
					<td><div id="div_nRepChar" class="pass">&nbsp;</div></td>
350
					<td>Repeat Characters (Case Insensitive)</td>
351
					<td class="txtCenter">Comp</td>
352
					<td nowrap="nowrap" class="txtCenter italic"> - </td>
353
					<td><div id="nRepChar" class="box">&nbsp;</div></td>
354
					<td><div id="nRepCharBonus" class="boxMinus">&nbsp;</div></td>
355
				</tr>	
356
				<tr>
357
					<td><div id="div_nConsecAlphaUC" class="pass">&nbsp;</div></td>
358
					<td>Consecutive Uppercase Letters</td>
359
					<td class="txtCenter">Flat</td>
360
					<td class="txtCenter italic">-(n*2)</td>
361
					<td><div id="nConsecAlphaUC" class="box">&nbsp;</div></td>
362
					<td><div id="nConsecAlphaUCBonus" class="boxMinus">&nbsp;</div></td>
363
				</tr>	
364
				<tr>
365
					<td><div id="div_nConsecAlphaLC" class="pass">&nbsp;</div></td>
366
					<td>Consecutive Lowercase Letters</td>
367
					<td class="txtCenter">Flat</td>
368
					<td class="txtCenter italic">-(n*2)</td>
369
					<td><div id="nConsecAlphaLC" class="box">&nbsp;</div></td>
370
					<td><div id="nConsecAlphaLCBonus" class="boxMinus">&nbsp;</div></td>
371
				</tr>	
372
				<tr>
373
					<td><div id="div_nConsecNumber" class="pass">&nbsp;</div></td>
374
					<td>Consecutive Numbers</td>
375
					<td class="txtCenter">Flat</td>
376
					<td class="txtCenter italic">-(n*2)</td>
377
					<td><div id="nConsecNumber" class="box">&nbsp;</div></td>
378
					<td><div id="nConsecNumberBonus" class="boxMinus">&nbsp;</div></td>
379
				</tr>	
380
				<tr>
381
					<td><div id="div_nSeqAlpha" class="pass">&nbsp;</div></td>
382
					<td>Sequential Letters (3+)</td>
383
					<td class="txtCenter">Flat</td>
384
					<td class="txtCenter italic">-(n*3)</td>
385
					<td><div id="nSeqAlpha" class="box">&nbsp;</div></td>
386
					<td><div id="nSeqAlphaBonus" class="boxMinus">&nbsp;</div></td>
387
				</tr>	
388
				<tr>
389
					<td><div id="div_nSeqNumber" class="pass">&nbsp;</div></td>
390
					<td>Sequential Numbers (3+)</td>
391
					<td class="txtCenter">Flat</td>
392
					<td class="txtCenter italic">-(n*3)</td>
393
					<td><div id="nSeqNumber" class="box">&nbsp;</div></td>
394
					<td><div id="nSeqNumberBonus" class="boxMinus">&nbsp;</div></td>
395
				</tr>	
396
				<tr>
397
					<td><div id="div_nSeqSymbol" class="pass">&nbsp;</div></td>
398
					<td>Sequential Symbols (3+)</td>
399
					<td class="txtCenter">Flat</td>
400
					<td class="txtCenter italic">-(n*3)</td>
401
					<td><div id="nSeqSymbol" class="box">&nbsp;</div></td>
402
					<td><div id="nSeqSymbolBonus" class="boxMinus">&nbsp;</div></td>
403
				</tr>	
404
				<tr>
405
					<th colspan="6">Legend</th>
406
				</tr>
407
				<tr>
408
					<td colspan="6">
409
						<ul id="listLegend">
410
							<li><div class="exceed imgLegend">&nbsp;</div><span class="bold">Exceptional:</span> Exceeds minimum standards. Additional bonuses are applied.</li>
411
							<li><div class="pass imgLegend">&nbsp;</div><span class="bold">Sufficient:</span> Meets minimum standards. Additional bonuses are applied.</li>
412
							<li><div class="warn imgLegend">&nbsp;</div><span class="bold">Warning:</span> Advisory against employing bad practices. Overall score is reduced.</li>
413
							<li><div class="fail imgLegend">&nbsp;</div><span class="bold">Failure:</span> Does not meet the minimum standards. Overall score is reduced.</li>
414
						</ul>
415
					</td>
416
				</tr>
417
			</table>
418
		   	<table id="tablePwdNotes" cellpadding="5" cellspacing="1" border="0">
419
				<tr>
420
					<th>Quick Footnotes</th>
421
				</tr>
422
				<tr>
423
					<td>
424
						&bull; <strong>Flat:</strong> Rates that add/remove in non-changing increments.<br>
425
						&bull; <strong>Incr:</strong> Rates that add/remove in adjusting increments.<br>
426
						&bull; <strong>Cond:</strong> Rates that add/remove depending on additional factors.<br>
427
						&bull; <strong>Comp:</strong> Rates that are too complex to summarize. See source code for details.<br>
428
						&bull; <strong>n:</strong> Refers to the total number of occurrences.<br>
429
						&bull; <strong>len:</strong> Refers to the total password length.<br>
430
						&bull; Additional bonus scores are given for increased character variety.<br>
431
						&bull; Final score is a cumulative result of all bonuses minus deductions.<br>
432
						&bull; Final score is capped with a minimum of 0 and a maximum of 100.<br>
433
						&bull; Score and Complexity ratings are not conditional on meeting minimum requirements.<br>
434
					</td>
435
				</tr>
436
			</table>
437
		</div>
438
	</body>
439
</html>