WebSVN – ALCASAR – Diff – /web/pass/index.php

 <?php
-# $Id: index.php 2207 2017-05-06 18:10:53Z tom.houdayer $
+# $Id: index.php 2241 2017-05-20 22:32:36Z tom.houdayer $
+#
 # change user password on ALACASAR NAC
 # Copyright (C) 2003, 2004 Mondru AB.
 # Copyright (C) 2008-20017 ANGEL95 & REXY
+/****************************************************************
+*			GLOBAL FILE PATHS			*
+*****************************************************************/
 define('CONF_FILE', '/usr/local/etc/alcasar.conf');
+/****************************************************************
+*			FILE reading test			*
+*****************************************************************/
+$conf_files = array(CONF_FILE);
+foreach ($conf_files as $file) {
+	if (!file_exists($file)) {
+		exit("Fichier $file non présent");
+	}
+	if (!is_readable($file)) {
+		exit("Vous n'avez pas les droits de lecture sur le fichier $file");
+	}
+}
+/****************************************************************
-// Read CONF_FILE
+*			Read CONF_FILE				*
+*****************************************************************/
 $file_conf = fopen(CONF_FILE, 'r');
 if (!$file_conf) {
 	exit('Error opening the file '.CONF_FILE);
+}
 while (!feof($file_conf)) {
-	$tampon = fgets($file_conf, 4096);
+	$buffer = fgets($file_conf, 4096);
-	if ((strpos($tampon, '=') !== false) && (substr($tampon, 0, 1) !== '#')) {
+	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
-		$tmp = explode('=', $tampon);
+		$tmp = explode('=', $buffer);
 		$conf[$tmp[0]] = trim($tmp[1]);
+	}
+}
 fclose($file_conf);
 require('/etc/freeradius-web/config.php');
 $current_page = htmlspecialchars($_SERVER['PHP_SELF']);
-$homepage = (((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')) ? 'https' : 'http').'://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']);
+$homepage = (((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')) ? 'https' : 'http').'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
-# Choice of language
+// Choice of language
 $Language = 'en';
-if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
+if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
-  $Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
+	$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
-  $Language = strtolower(substr(chop($Langue[0]),0,2)); }
+	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
-if($Language == 'es'){
-$R_title = "User password change";
-$R_form_l1 = "User";
-$R_form_l2 = "Old password";
-$R_form_l3 = "New password";
-$R_form_l4 = "New password (confirmation)";
-$R_eval_pass = "Score :";
-$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
-$R_form_button_valid = "Modify";
-$R_form_button_retour = "Cancel";
-$R_form_result1 = "Your password has been successfuly changed";
-$R_form_result2 = "Error when trying to change password";
-$R_retour = "ALCASAR home page";}
-else if ($Language == 'pt'){
-$R_title = "Alteração de senha do usuário";
-$R_form_l1 = "Usuário";
-$R_form_l2 = "Senha antiga";
-$R_form_l3 = "Nova senha";
-$R_form_l4 = "Nova senha (confirmação)";
-$R_eval_pass = "Resultado:";
-$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
-$R_form_button_valid = "Modificar";
-$R_form_button_retour = "Cancelar";
-$R_form_result1 = "Sua senha foi alterada com sucesso";
-$R_form_result2 = "Erro ao tentar alterar a senha";
-$R_retour = "Home page Alcasar";}
-else if($Language == 'de'){
-$R_title = "User password change";
-$R_form_l1 = "User";
-$R_form_l2 = "Old password";
-$R_form_l3 = "New password";
-$R_form_l4 = "New password (confirmation)";
-$R_eval_pass = "Score :";
-$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
-$R_form_button_valid = "Modify";
-$R_form_button_retour = "Cancel";
-$R_form_result1 = "Your password has been successfuly changed";
-$R_form_result2 = "Error when trying to change password";
-$R_retour = "ALCASAR home page";}
-else if($Language == 'nl'){
-$R_title = "User password change";
-$R_form_l1 = "User";
-$R_form_l2 = "Old password";
-$R_form_l3 = "New password";
-$R_form_l4 = "New password (confirmation)";
-$R_eval_pass = "Score :";
-$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
-$R_form_button_valid = "Modify";
-$R_form_button_retour = "Cancel";
-$R_form_result1 = "Your password has been successfuly changed";
-$R_form_result2 = "Error when trying to change password";
-$R_retour = "ALCASAR home page";}
-else if($Language == 'zh'){
-$R_title = "修改用户密码";
-$R_form_l1 = "用户";
-$R_form_l2 = "旧密码";
-$R_form_l3 = "新密码";
-$R_form_l4 = "新密码(确认)";
-$R_eval_pass = "";
-$R_passwordmeter = "技术支持 'Shibbo Password Analyser'</a>";
-$R_form_button_valid = "修改";
-$R_form_button_retour = "取消";
-$R_form_result1 = "您的密码已成功修改";
-$R_form_result2 = "修改密码出错";
-$R_retour = "返回首页";}
-else if ($Language == 'ar'){
-$R_title = "تغيير كلمة المرور للمستخدم";
-$R_form_l1 = "المستعمل";
-$R_form_l2 = "كلمه السر القديمة";
-$R_form_l3 = "كلمة السر الجديدة";
-$R_form_l4 = "كلمة السر الجديدة (أكد)";
-$R_eval_pass = "";
-$R_passwordmeter = "مشغل بواسطة 'Shibbo Password Analyser'" . "</a>";
-$R_form_button_valid = "تغيير";
-$R_form_button_retour = "إلغاء";
-$R_form_result1 = "تم تغيير الرقم السري بنجاح";
-$R_form_result2 = "خطأ عند محاولة تغيير كلمة المرور";
-$R_retour = "رجوع إلى الصفحة الرئيسية ALCASAR";
+}
+if ($Language === 'es') {		// Spanish
+	$l_title			= "User password change";
+	$l_form_l1			= "User";
+	$l_form_l2			= "Old password";
+	$l_form_l3			= "New password";
+	$l_form_l4			= "New password (confirmation)";
+	$l_eval_pass			= "Score :";
+	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
+	$l_form_button_valid		= "Modify";
+	$l_form_button_retour		= "Cancel";
+	$l_form_result1			= "Your password has been successfuly changed";
+	$l_form_result2			= "Error when trying to change password";
+} else if ($Language === 'pt') {	// Portuguese
+	$l_title			= "Alteração de senha do usuário";
+	$l_form_l1			= "Usuário";
+	$l_form_l2			= "Senha antiga";
+	$l_form_l3			= "Nova senha";
+	$l_form_l4			= "Nova senha (confirmação)";
+	$l_eval_pass			= "Resultado:";
+	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
+	$l_form_button_valid		= "Modificar";
+	$l_form_button_retour		= "Cancelar";
+	$l_form_result1			= "Sua senha foi alterada com sucesso";
+	$l_form_result2			= "Erro ao tentar alterar a senha";
+} else if ($Language === 'de') {	// German
+	$l_title			= "User password change";
+	$l_form_l1			= "User";
+	$l_form_l2			= "Old password";
+	$l_form_l3			= "New password";
+	$l_form_l4			= "New password (confirmation)";
+	$l_eval_pass			= "Score :";
+	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
+	$l_form_button_valid		= "Modify";
+	$l_form_button_retour		= "Cancel";
+	$l_form_result1			= "Your password has been successfuly changed";
+	$l_form_result2			= "Error when trying to change password";
+} else if ($Language === 'nl') {	// Dutch
+	$l_title			= "User password change";
+	$l_form_l1			= "User";
+	$l_form_l2			= "Old password";
+	$l_form_l3			= "New password";
+	$l_form_l4			= "New password (confirmation)";
+	$l_eval_pass			= "Score :";
+	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
+	$l_form_button_valid		= "Modify";
+	$l_form_button_retour		= "Cancel";
+	$l_form_result1			= "Your password has been successfuly changed";
+	$l_form_result2			= "Error when trying to change password";
+} else if ($Language === 'zh') {	// Chinese
+	$l_title			= "修改用户密码";
+	$l_form_l1			= "用户";
+	$l_form_l2			= "旧密码";
+	$l_form_l3			= "新密码";
+	$l_form_l4			= "新密码(确认)";
+	$l_eval_pass			= ""; // TODO: to translate
+	$l_passwordmeter		= "技术支持 'Shibbo Password Analyser'";
+	$l_form_button_valid		= "修改";
+	$l_form_button_retour		= "取消";
+	$l_form_result1			= "您的密码已成功修改";
+	$l_form_result2			= "修改密码出错";
+} else if ($Language === 'ar') {	// Arabic
+	$l_title			= "تغيير كلمة المرور للمستخدم";
+	$l_form_l1			= "المستعمل";
+	$l_form_l2			= "كلمه السر القديمة";
+	$l_form_l3			= "كلمة السر الجديدة";
+	$l_form_l4			= "كلمة السر الجديدة (أكد)";
+	$l_eval_pass			= ""; // TODO: to translate
+	$l_passwordmeter		= "مشغل بواسطة 'Shibbo Password Analyser'";
+	$l_form_button_valid		= "تغيير";
+	$l_form_button_retour		= "إلغاء";
+	$l_form_result1			= "تم تغيير الرقم السري بنجاح";
+	$l_form_result2			= "خطأ عند محاولة تغيير كلمة المرور";
-else if($Language == 'fr'){
+} else if ($Language === 'fr') {	// French
-$R_title = "Changement de mot de passe utilisateur";
+	$l_title			= "Changement de mot de passe utilisateur";
-$R_form_l1 = "Utilisateur :";
+	$l_form_l1			= "Utilisateur :";
-$R_form_l2 = "Ancien mot de passe :";
+	$l_form_l2			= "Ancien mot de passe :";
-$R_form_l3 = "Nouveau mot de passe :";
+	$l_form_l3			= "Nouveau mot de passe :";
-$R_form_l4 = "Nouveau mot de passe (confirmation) :";
+	$l_form_l4			= "Nouveau mot de passe (confirmation) :";
-$R_eval_pass = "";
+	$l_eval_pass			= "Score :";
-$R_passwordmeter = "Propulsé par 'Shibbo Password Analyser'</a>";
+	$l_passwordmeter		= "Propulsé par 'Shibbo Password Analyser'";
-$R_form_button_valid = "Modifier";
+	$l_form_button_valid		= "Modifier";
-$R_form_button_retour = "Annuler";
+	$l_form_button_retour		= "Annuler";
-$R_form_result1 = "Votre mot de passe a &eacute;t&eacute; modifi&eacute; avec succ&egrave;s";
+	$l_form_result1			= "Votre mot de passe a été modifié avec succès";
-$R_form_result2 = "Erreur de changement de mot de passe";
+	$l_form_result2			= "Erreur de changement de mot de passe";
-$R_retour = "Retour &agrave; la page d'accueil ALCASAR";}
-else {
+} else {				// English
-$R_title = "User password change";
+	$l_title			= "User password change";
-$R_form_l1 = "User";
+	$l_form_l1			= "User";
-$R_form_l2 = "Old password";
+	$l_form_l2			= "Old password";
-$R_form_l3 = "New password";
+	$l_form_l3			= "New password";
-$R_form_l4 = "New password (confirmation)";
+	$l_form_l4			= "New password (confirmation)";
-$R_eval_pass = "Score :";
+	$l_eval_pass			= "Score:";
-$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
+	$l_passwordmeter		= "Powered by 'Shibbo Password Analyser'";
-$R_form_button_valid = "Modify";
+	$l_form_button_valid		= "Modify";
-$R_form_button_retour = "Cancel";
+	$l_form_button_retour		= "Cancel";
-$R_form_result1 = "Your password has been successfuly changed";
+	$l_form_result1			= "Your password has been successfuly changed";
-$R_form_result2 = "Error when trying to change password";
+	$l_form_result2			= "Error when trying to change password";
+}
+if (isset($action)) {
+	if ($action === 'checkpass') {
+		if (!is_file("../acc/manager/lib/sql/drivers/$config[sql_type]/functions.php")) {
+			exit('<b>Could not include SQL library</b>');
+		}
+		require_once("../acc/manager/lib/sql/drivers/$config[sql_type]/functions.php");
+		$link = @da_sql_pconnect($config);
+		if ($link) {
+			$sql = "SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login' AND attribute = '$config[sql_password_attribute]';";
+			$res = @da_sql_query($link,$config, $sql);
+			if ($res) {
+				$row = @da_sql_fetch_array($res, $config);
+				if (!is_file("crypt/$config[general_encryption_method].php")) {
+					exit('<b>Could not open encryption library file</b>');
+				}
+				include("crypt/$config[general_encryption_method].php");
-$R_retour = "ALCASAR home page";
+				$enc_passwd = $row['value'];
+				$passwd     = da_encrypt($passwd,$enc_passwd);
+				$newpasswd  = da_encrypt($newpasswd,$enc_passwd);
+				$newpasswd2 = da_encrypt($newpasswd2,$enc_passwd);
+				if (($passwd === $enc_passwd) && ($newpasswd === $newpasswd2)) {
+					$sql = "UPDATE $config[sql_check_table] SET value='$newpasswd' WHERE username = '$login' AND attribute = '$config[sql_password_attribute]';";
+					$res2 = @da_sql_query($link, $config, $sql);
+					$changePasswordMessage = '<font color=blue><b>'.$l_form_result1.'</b></font>';
+				} else {
+					$changePasswordMessage = '<font color=red><b>'.$l_form_result2.'</b></font>';
+				}
+			}
+		}
+	}
+}
-echo "
+// Cleaning the cache
+header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
-<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
+header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+header('Cache-Control: post-check=0, pre-check=0', false);
+header('Pragma: no-cache');
+?>
+<!DOCTYPE html>
 <html>
 	<head>
-		<title>$R_title</title>
+		<meta charset="UTF-8">
-		<meta http-equiv=\"Cache-control\" content=\"no-cache\">
-		<meta http-equiv=\"Pragma\" content=\"no-cache\">
+		<title>ALCASAR - <?= $l_title ?></title>
-		<link rel=\"stylesheet\" href=\"../css/pass.css\" type=\"text/css\">
+		<link rel="stylesheet" href="../css/pass.css" type="text/css">
-		<link rel=\"stylesheet\" href=\"../css/style_intercept.css\" type=\"text/css\">
+		<link rel="stylesheet" href="../css/style_intercept.css" type="text/css">
-		<link type=\"text/css\" href=\"../css/pwdmeter.css\" media=\"screen\" rel=\"stylesheet\" />
+		<link rel="stylesheet" href="../css/pwdmeter.css" type="text/css">
 		<!--[if lt IE 7]>
-			<link type=\"text/css\" href=\"../css/ie.css\" media=\"screen\" rel=\"stylesheet\" />
+			<link rel="stylesheet" href="../css/ie.css" type="text/css">
 		<![endif]-->
-		<script type=\"text/javascript\" src=\"js/pwdmeter.js\" language=\"javascript\"></script>
-		<script type=\"text/javascript\">
+		<script src="js/pwdmeter.js"></script>
-			function valoriserDiv5(param){
-			document.getElementById(\"box_info\").innerHTML = param.innerHTML;
-			}
-		</script>
 	</head>
-	<body onload=\"valoriserDiv5(text_conn);\">
+	<body>
-				<div id=\"cadre_titre\" class=\"titre_controle\">
+		<div id="cadre_titre" class="titre_controle">
-					<p id=\"acces_controle\" class=\"titre_controle\">$R_title</p>
+			<p id="acces_controle" class="titre_controle"><?= $l_title ?></p>
-					<div id=\"boite_logo\">
-						<img src=\"/images/organisme.png\">
+			<div id="boite_logo"><img src="/images/organisme.png"></div>
-					</div>
-				</div>
+		</div>
-				<div id=\"contenu_acces\">
+		<div id="contenu_acces">
-					<form name=\"master\" action=\"$current_page\" method=\"post\">
+			<form name="master" action="<?= $current_page ?>" method="post">
-					<input type=hidden name=action value=checkpass>
+				<input type="hidden" name="action" value="checkpass">
-						<table id=\"champs_pass\" border=\"0\">
+				<table id="champs_pass" border="0">
-							<tr>
-								<td class=\"first_item\">$R_form_l1</td>
-								<td><input type=\"text\" name=\"login\" value=\"\" label=\"test\"></td>
-							</tr>
-							<tr>
-								<td class=\"first_item\">$R_form_l2</td>
-								<td><input type=\"password\" name=\"passwd\" value=\"\"></td>
-							</tr>
-							<tr>
-								<td class=\"first_item\">$R_form_l3</td>
-								<td>
-									<input type=\"password\" name=\"newpasswd\" id=\"passwordPwd\" value=\"\" autocomplete=\"off\" onkeyup=\"chkPass(this.value);\" />
-									<input type=\"text\" id=\"passwordTxt\" name=\"passwordTxt\" autocomplete=\"off\" onkeyup=\"chkPass(this.value);\" class=\"hide\" />
-								</td>
-							</tr>
-							<tr>
-								<td class=\"first_item\">$R_eval_pass</td>
-								<td>
-									<div id=\"scorebarBorder\">
-										<div id=\"score\">0%</div>
-										<div id=\"scorebar\">&nbsp;</div>
-									</div>
-									<div id=\"complexity\"></div>
-								</td>
-							</tr>
-							<tr>
-								<td colspan=\"2\" id=\"lien_pass\">$R_passwordmeter</td>
-							</tr>
-							<tr>
-								<td class=\"first_item\">$R_form_l4</td>
-								<td><input type=\"password\" name=\"newpasswd2\" value=\"\"></td>
-							</tr>
-							<tr>
-								<td colspan=\"2\" id=\"lien_pass\">
-								<input type=\"submit\" class=\"btn_form\" id=\"btn_pass\" value=\"$R_form_button_valid\">
-								<input type=\"button\" class=\"btn_form\" id=\"btn_retour\" value=\"$R_form_button_retour\" onclick=\"location.replace('$homepage');\">
-								</td>
-							</tr>
-						</table>
-				</div>
-			</div>
-			<div id=\"info_pass\">
-				<table id=\"tablePwdStatus\" cellpadding=\"5\" cellspacing=\"1\" border=\"0\">
-					<tr>
-						<th colspan=\"2\">Additions</th>
-						<th class=\"txtCenter\">Type</th>
-						<th class=\"txtCenter\">Rate</th>
-						<th class=\"txtCenter\">Count</th>
-						<th class=\"txtCenter\">Bonus</th>
-					</tr>
 					<tr>
-						<td width=\"1%\"><div id=\"div_nLength\" class=\"fail\">&nbsp;</div></td>
-						<td width=\"94%\">Number of Characters</td>
+						<td class="first_item"><?= $l_form_l1 ?></td>
-						<td width=\"1%\" class=\"txtCenter\">Flat</td>
-						<td width=\"1%\" class=\"txtCenter italic\">+(n*4)</td>
-						<td width=\"1%\"><div id=\"nLength\" class=\"box\">&nbsp;</div></td>
+						<td><input type="text" name="login" value="" label="test"></td>
-						<td width=\"1%\"><div id=\"nLengthBonus\" class=\"boxPlus\">&nbsp;</div></td>
 					</tr>
 					<tr>
-						<td><div id=\"div_nAlphaUC\" class=\"fail\">&nbsp;</div></td>
-						<td>Uppercase Letters</td>
-						<td class=\"txtCenter\">Cond/Incr</td>
+						<td class="first_item"><?= $l_form_l2 ?></td>
-						<td nowrap=\"nowrap\" class=\"txtCenter italic\">+((len-n)*2)</td>
-					   <td><div id=\"nAlphaUC\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nAlphaUCBonus\" class=\"boxPlus\">&nbsp;</div></td>
-					</tr>
-					<tr>
-						<td><div id=\"div_nAlphaLC\" class=\"fail\">&nbsp;</div></td>
-						<td>Lowercase Letters</td>
-						<td class=\"txtCenter\">Cond/Incr</td>
-						<td class=\"txtCenter italic\">+((len-n)*2)</td>
-						<td><div id=\"nAlphaLC\" class=\"box\">&nbsp;</div></td>
+						<td><input type="password" name="passwd" value=""></td>
-						<td><div id=\"nAlphaLCBonus\" class=\"boxPlus\">&nbsp;</div></td>
 					</tr>
 					<tr>
-						<td><div id=\"div_nNumber\" class=\"fail\">&nbsp;</div></td>
-						<td>Numbers</td>
-						<td class=\"txtCenter\">Cond</td>
-						<td class=\"txtCenter italic\">+(n*4)</td>
+						<td class="first_item"><?= $l_form_l3 ?></td>
-						<td><div id=\"nNumber\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nNumberBonus\" class=\"boxPlus\">&nbsp;</div></td>
-				   </tr>
-					<tr>
-						<td><div id=\"div_nSymbol\" class=\"fail\">&nbsp;</div></td>
-						<td>Symbols</td>
-						<td class=\"txtCenter\">Flat</td>
-						<td class=\"txtCenter italic\">+(n*6)</td>
-						<td><div id=\"nSymbol\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nSymbolBonus\" class=\"boxPlus\">&nbsp;</div></td>
-				   </tr>
-					<tr>
+						<td>
-						<td><div id=\"div_nMidChar\" class=\"fail\">&nbsp;</div></td>
-						<td>Middle Numbers or Symbols</td>
-						<td class=\"txtCenter\">Flat</td>
-						<td class=\"txtCenter italic\">+(n*2)</td>
-						<td><div id=\"nMidChar\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nMidCharBonus\" class=\"boxPlus\">&nbsp;</div></td>
+							<input type="password" name="newpasswd" id="passwordPwd" value="" autocomplete="off" onkeyup="chkPass(this.value);" />
-				   </tr>
-					<tr>
-						<td><div id=\"div_nRequirements\" class=\"fail\">&nbsp;</div></td>
-						<td>Requirements</td>
-						<td class=\"txtCenter\">Flat</td>
-						<td class=\"txtCenter italic\">+(n*2)</td>
-						<td><div id=\"nRequirements\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nRequirementsBonus\" class=\"boxPlus\">&nbsp;</div></td>
+							<input type="text" id="passwordTxt" name="passwordTxt" autocomplete="off" onkeyup="chkPass(this.value);" class="hide" />
-				   </tr>
-					<tr>
+						</td>
-						<th colspan=\"6\">Deductions</th>
 					</tr>
 					<tr>
-						<td width=\"1%\"><div id=\"div_nAlphasOnly\" class=\"pass\">&nbsp;</div></td>
-						<td width=\"94%\">Letters Only</td>
-						<td width=\"1%\" class=\"txtCenter\">Flat</td>
-						<td width=\"1%\" class=\"txtCenter italic\">-n</td>
-						<td width=\"1%\"><div id=\"nAlphasOnly\" class=\"box\">&nbsp;</div></td>
-						<td width=\"1%\"><div id=\"nAlphasOnlyBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
-					<tr>
-						<td><div id=\"div_nNumbersOnly\" class=\"pass\">&nbsp;</div></td>
-						<td>Numbers Only</td>
-						<td class=\"txtCenter\">Flat</td>
-						<td class=\"txtCenter italic\">-n</td>
+						<td class="first_item"><?= $l_eval_pass ?></td>
-						<td><div id=\"nNumbersOnly\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nNumbersOnlyBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
-					<tr>
-						<td><div id=\"div_nRepChar\" class=\"pass\">&nbsp;</div></td>
-						<td>Repeat Characters (Case Insensitive)</td>
-						<td class=\"txtCenter\">Comp</td>
-						<td nowrap=\"nowrap\" class=\"txtCenter italic\"> - </td>
-						<td><div id=\"nRepChar\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nRepCharBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
-					<tr>
-						<td><div id=\"div_nConsecAlphaUC\" class=\"pass\">&nbsp;</div></td>
-						<td>Consecutive Uppercase Letters</td>
-						<td class=\"txtCenter\">Flat</td>
-						<td class=\"txtCenter italic\">-(n*2)</td>
-						<td><div id=\"nConsecAlphaUC\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nConsecAlphaUCBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
-					<tr>
-						<td><div id=\"div_nConsecAlphaLC\" class=\"pass\">&nbsp;</div></td>
-						<td>Consecutive Lowercase Letters</td>
-						<td class=\"txtCenter\">Flat</td>
-						<td class=\"txtCenter italic\">-(n*2)</td>
-						<td><div id=\"nConsecAlphaLC\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nConsecAlphaLCBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
-					<tr>
+						<td>
-						<td><div id=\"div_nConsecNumber\" class=\"pass\">&nbsp;</div></td>
-						<td>Consecutive Numbers</td>
+							<div id="scorebarBorder">
-						<td class=\"txtCenter\">Flat</td>
-						<td class=\"txtCenter italic\">-(n*2)</td>
-						<td><div id=\"nConsecNumber\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nConsecNumberBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
-					<tr>
-						<td><div id=\"div_nSeqAlpha\" class=\"pass\">&nbsp;</div></td>
-						<td>Sequential Letters (3+)</td>
-						<td class=\"txtCenter\">Flat</td>
+								<div id="score">0%</div>
-						<td class=\"txtCenter italic\">-(n*3)</td>
-						<td><div id=\"nSeqAlpha\" class=\"box\">&nbsp;</div></td>
+								<div id="scorebar">&nbsp;</div>
-						<td><div id=\"nSeqAlphaBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
-					<tr>
-						<td><div id=\"div_nSeqNumber\" class=\"pass\">&nbsp;</div></td>
-						<td>Sequential Numbers (3+)</td>
-						<td class=\"txtCenter\">Flat</td>
-						<td class=\"txtCenter italic\">-(n*3)</td>
-						<td><div id=\"nSeqNumber\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nSeqNumberBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
+							</div>
-					<tr>
-						<td><div id=\"div_nSeqSymbol\" class=\"pass\">&nbsp;</div></td>
-						<td>Sequential Symbols (3+)</td>
-						<td class=\"txtCenter\">Flat</td>
+							<div id="complexity"></div>
-						<td class=\"txtCenter italic\">-(n*3)</td>
-						<td><div id=\"nSeqSymbol\" class=\"box\">&nbsp;</div></td>
-						<td><div id=\"nSeqSymbolBonus\" class=\"boxMinus\">&nbsp;</div></td>
-					</tr>
+						</td>
-					<tr>
-						<th colspan=\"6\">Legend</th>
 					</tr>
 					<tr>
-						<td colspan=\"6\">
+						<td colspan="2" id="lien_pass"><?= $l_passwordmeter ?></td>
-							<ul id=\"listLegend\">
-								<li><div class=\"exceed imgLegend\">&nbsp;</div> <span class=\"bold\">Exceptional:</span> Exceeds minimum standards. Additional bonuses are applied.</li>
-								<li><div class=\"pass imgLegend\">&nbsp;</div> <span class=\"bold\">Sufficient:</span> Meets minimum standards. Additional bonuses are applied.</li>
-								<li><div class=\"warn imgLegend\">&nbsp;</div> <span class=\"bold\">Warning:</span> Advisory against employing bad practices. Overall score is reduced.</li>
-								<li><div class=\"fail imgLegend\">&nbsp;</div> <span class=\"bold\">Failure:</span> Does not meet the minimum standards. Overall score is reduced.</li>
-							</ul>
-						</td>
 					</tr>
-				</table>
-			   <table id=\"tablePwdNotes\" cellpadding=\"5\" cellspacing=\"1\" border=\"0\">
 					<tr>
-						<th>Quick Footnotes</th>
+						<td class="first_item"><?= $l_form_l4 ?></td>
+						<td><input type="password" name="newpasswd2" value=""></td>
 					</tr>
 					<tr>
-						<td>
-							&bull; <strong>Flat:</strong> Rates that add/remove in non-changing increments.<br />
-							&bull; <strong>Incr:</strong> Rates that add/remove in adjusting increments.<br />
-							&bull; <strong>Cond:</strong> Rates that add/remove depending on additional factors.<br />
-							&bull; <strong>Comp:</strong> Rates that are too complex to summarize. See source code for details.<br />
-							&bull; <strong>n:</strong> Refers to the total number of occurrences.<br />
-							&bull; <strong>len:</strong> Refers to the total password length.<br />
+						<td colspan="2" id="lien_pass">
-							&bull; Additional bonus scores are given for increased character variety.<br />
-							&bull; Final score is a cumulative result of all bonuses minus deductions.<br />
+							<input type="submit" class="btn_form" id="btn_pass" value="<?= $l_form_button_valid ?>">
-							&bull; Final score is capped with a minimum of 0 and a maximum of 100.<br />
-							&bull; Score and Complexity ratings are not conditional on meeting minimum requirements.<br />
+							<input type="button" class="btn_form" id="btn_retour" value="<?= $l_form_button_retour ?>" onclick="window.location = '<?= $homepage ?>';">
 						</td>
 					</tr>
+					<?php if (isset($changePasswordMessage)): ?>
+						<tr>
+							<td colspan="2"><?= $changePasswordMessage ?></td>
+						</tr>
+					<?php endif; ?>
 				</table>
+			</form>
-			</div>
+		</div>
+		<div id="info_pass">
+			<table id="tablePwdStatus" cellpadding="5" cellspacing="1" border="0">
-";
+				<tr>
-if (isset($action)){
+					<th colspan="2">Additions</th>
-	if ($action == 'checkpass'){
+					<th class="txtCenter">Type</th>
+					<th class="txtCenter">Rate</th>
+					<th class="txtCenter">Count</th>
+					<th class="txtCenter">Bonus</th>
+				</tr>
+				<tr>
-		if (is_file("../acc/manager/lib/sql/drivers/$config[sql_type]/functions.php"))
+					<td width="1%"><div id="div_nLength" class="fail">&nbsp;</div></td>
+					<td width="94%">Number of Characters</td>
+					<td width="1%" class="txtCenter">Flat</td>
+					<td width="1%" class="txtCenter italic">+(n*4)</td>
+					<td width="1%"><div id="nLength" class="box">&nbsp;</div></td>
-			include_once("../acc/manager/lib/sql/drivers/$config[sql_type]/functions.php");
+					<td width="1%"><div id="nLengthBonus" class="boxPlus">&nbsp;</div></td>
+				</tr>
-		else{
+				<tr>
-			echo "<b>Could not include SQL library</b><br>\n";
+					<td><div id="div_nAlphaUC" class="fail">&nbsp;</div></td>
+					<td>Uppercase Letters</td>
+					<td class="txtCenter">Cond/Incr</td>
+					<td nowrap="nowrap" class="txtCenter italic">+((len-n)*2)</td>
+					<td><div id="nAlphaUC" class="box">&nbsp;</div></td>
+					<td><div id="nAlphaUCBonus" class="boxPlus">&nbsp;</div></td>
-			exit();
+				</tr>
+				<tr>
+					<td><div id="div_nAlphaLC" class="fail">&nbsp;</div></td>
+					<td>Lowercase Letters</td>
+					<td class="txtCenter">Cond/Incr</td>
+					<td class="txtCenter italic">+((len-n)*2)</td>
+					<td><div id="nAlphaLC" class="box">&nbsp;</div></td>
+					<td><div id="nAlphaLCBonus" class="boxPlus">&nbsp;</div></td>
+				</tr>
-		}
+				<tr>
+					<td><div id="div_nNumber" class="fail">&nbsp;</div></td>
+					<td>Numbers</td>
-	$link = @da_sql_pconnect($config);
+					<td class="txtCenter">Cond</td>
+					<td class="txtCenter italic">+(n*4)</td>
+					<td><div id="nNumber" class="box">&nbsp;</div></td>
+					<td><div id="nNumberBonus" class="boxPlus">&nbsp;</div></td>
-		if ($link){
+				</tr>
+				<tr>
+					<td><div id="div_nSymbol" class="fail">&nbsp;</div></td>
+					<td>Symbols</td>
-			$res = @da_sql_query($link,$config,
+					<td class="txtCenter">Flat</td>
+					<td class="txtCenter italic">+(n*6)</td>
+					<td><div id="nSymbol" class="box">&nbsp;</div></td>
-				"SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login'
+					<td><div id="nSymbolBonus" class="boxPlus">&nbsp;</div></td>
+				</tr>
+				<tr>
-				AND attribute = '$config[sql_password_attribute]';");
+					<td><div id="div_nMidChar" class="fail">&nbsp;</div></td>
+					<td>Middle Numbers or Symbols</td>
+					<td class="txtCenter">Flat</td>
+					<td class="txtCenter italic">+(n*2)</td>
+					<td><div id="nMidChar" class="box">&nbsp;</div></td>
+					<td><div id="nMidCharBonus" class="boxPlus">&nbsp;</div></td>
-			if ($res){
+				</tr>
+				<tr>
+					<td><div id="div_nRequirements" class="fail">&nbsp;</div></td>
+					<td>Requirements</td>
+					<td class="txtCenter">Flat</td>
-				$row = @da_sql_fetch_array($res,$config);
+					<td class="txtCenter italic">+(n*2)</td>
+					<td><div id="nRequirements" class="box">&nbsp;</div></td>
-				if (is_file("crypt/$config[general_encryption_method].php")){
+					<td><div id="nRequirementsBonus" class="boxPlus">&nbsp;</div></td>
+				</tr>
+				<tr>
+					<th colspan="6">Deductions</th>
+				</tr>
+				<tr>
+					<td width="1%"><div id="div_nAlphasOnly" class="pass">&nbsp;</div></td>
+					<td width="94%">Letters Only</td>
+					<td width="1%" class="txtCenter">Flat</td>
+					<td width="1%" class="txtCenter italic">-n</td>
+					<td width="1%"><div id="nAlphasOnly" class="box">&nbsp;</div></td>
+					<td width="1%"><div id="nAlphasOnlyBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
+				<tr>
-					include("crypt/$config[general_encryption_method].php");
+					<td><div id="div_nNumbersOnly" class="pass">&nbsp;</div></td>
+					<td>Numbers Only</td>
-					$enc_passwd = $row['value'];
+					<td class="txtCenter">Flat</td>
-					$passwd = da_encrypt($passwd,$enc_passwd);
+					<td class="txtCenter italic">-n</td>
+					<td><div id="nNumbersOnly" class="box">&nbsp;</div></td>
+					<td><div id="nNumbersOnlyBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
+				<tr>
-					$newpasswd = da_encrypt($newpasswd,$enc_passwd);
+					<td><div id="div_nRepChar" class="pass">&nbsp;</div></td>
-					$newpasswd2 = da_encrypt($newpasswd2,$enc_passwd);
+					<td>Repeat Characters (Case Insensitive)</td>
+					<td class="txtCenter">Comp</td>
-					if (($passwd == $enc_passwd) and ($newpasswd == $newpasswd2)){
+					<td nowrap="nowrap" class="txtCenter italic"> - </td>
+					<td><div id="nRepChar" class="box">&nbsp;</div></td>
-						$msg = '<font color=blue><b>'.$R_form_result1.'</b></font>';
+					<td><div id="nRepCharBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
+				<tr>
+					<td><div id="div_nConsecAlphaUC" class="pass">&nbsp;</div></td>
-						$res2 = @da_sql_query($link,$config,
+					<td>Consecutive Uppercase Letters</td>
+					<td class="txtCenter">Flat</td>
+					<td class="txtCenter italic">-(n*2)</td>
-							"UPDATE $config[sql_check_table] set value='$newpasswd' WHERE username = '$login'
+					<td><div id="nConsecAlphaUC" class="box">&nbsp;</div></td>
-							AND attribute = '$config[sql_password_attribute]';");}
+					<td><div id="nConsecAlphaUCBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
-					else
+				<tr>
+					<td><div id="div_nConsecAlphaLC" class="pass">&nbsp;</div></td>
+					<td>Consecutive Lowercase Letters</td>
+					<td class="txtCenter">Flat</td>
+					<td class="txtCenter italic">-(n*2)</td>
-						$msg = '<font color=red><b>'.$R_form_result2.'</b></font>';
+					<td><div id="nConsecAlphaLC" class="box">&nbsp;</div></td>
+					<td><div id="nConsecAlphaLCBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
-				}
+				<tr>
+					<td><div id="div_nConsecNumber" class="pass">&nbsp;</div></td>
+					<td>Consecutive Numbers</td>
+					<td class="txtCenter">Flat</td>
+					<td class="txtCenter italic">-(n*2)</td>
+					<td><div id="nConsecNumber" class="box">&nbsp;</div></td>
+					<td><div id="nConsecNumberBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
-				else
+				<tr>
+					<td><div id="div_nSeqAlpha" class="pass">&nbsp;</div></td>
+					<td>Sequential Letters (3+)</td>
+					<td class="txtCenter">Flat</td>
+					<td class="txtCenter italic">-(n*3)</td>
-					echo "<b>Could not open encryption library file</b><br>\n";
+					<td><div id="nSeqAlpha" class="box">&nbsp;</div></td>
+					<td><div id="nSeqAlphaBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
-			}
+				<tr>
+					<td><div id="div_nSeqNumber" class="pass">&nbsp;</div></td>
+					<td>Sequential Numbers (3+)</td>
+					<td class="txtCenter">Flat</td>
+					<td class="txtCenter italic">-(n*3)</td>
+					<td><div id="nSeqNumber" class="box">&nbsp;</div></td>
+					<td><div id="nSeqNumberBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
-		}
+				<tr>
+					<td><div id="div_nSeqSymbol" class="pass">&nbsp;</div></td>
+					<td>Sequential Symbols (3+)</td>
-		echo "<span align=center>$msg</span>\n";
+					<td class="txtCenter">Flat</td>
+					<td class="txtCenter italic">-(n*3)</td>
+					<td><div id="nSeqSymbol" class="box">&nbsp;</div></td>
+					<td><div id="nSeqSymbolBonus" class="boxMinus">&nbsp;</div></td>
+				</tr>
+				<tr>
+					<th colspan="6">Legend</th>
+				</tr>
+				<tr>
+					<td colspan="6">
+						<ul id="listLegend">
+							<li><div class="exceed imgLegend">&nbsp;</div><span class="bold">Exceptional:</span> Exceeds minimum standards. Additional bonuses are applied.</li>
+							<li><div class="pass imgLegend">&nbsp;</div><span class="bold">Sufficient:</span> Meets minimum standards. Additional bonuses are applied.</li>
+							<li><div class="warn imgLegend">&nbsp;</div><span class="bold">Warning:</span> Advisory against employing bad practices. Overall score is reduced.</li>
+							<li><div class="fail imgLegend">&nbsp;</div><span class="bold">Failure:</span> Does not meet the minimum standards. Overall score is reduced.</li>
+						</ul>
+					</td>
+				</tr>
+			</table>
+		   	<table id="tablePwdNotes" cellpadding="5" cellspacing="1" border="0">
-	}
+				<tr>
+					<th>Quick Footnotes</th>
+				</tr>
-}
+				<tr>
+					<td>
+						&bull; <strong>Flat:</strong> Rates that add/remove in non-changing increments.<br>
+						&bull; <strong>Incr:</strong> Rates that add/remove in adjusting increments.<br>
+						&bull; <strong>Cond:</strong> Rates that add/remove depending on additional factors.<br>
+						&bull; <strong>Comp:</strong> Rates that are too complex to summarize. See source code for details.<br>
+						&bull; <strong>n:</strong> Refers to the total number of occurrences.<br>
+						&bull; <strong>len:</strong> Refers to the total password length.<br>
+						&bull; Additional bonus scores are given for increased character variety.<br>
+						&bull; Final score is a cumulative result of all bonuses minus deductions.<br>
+						&bull; Final score is capped with a minimum of 0 and a maximum of 100.<br>
+						&bull; Score and Complexity ratings are not conditional on meeting minimum requirements.<br>
+					</td>
+				</tr>
+			</table>
-?>
+		</div>
-</body>
+	</body>
 </html>

Subversion Repositories ALCASAR

(root)/web/pass/index.php – Rev 2207 → 2241