fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in bugfix/HOR-4526 (pull request #6677)

Browse Source 
HOR-4526

Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
This commit is contained in:
Paula Quispe
2018-11-01 14:22:11 +00:00
committed by Julio Cesar Laura Avendaño
parent 0c941d4fc8 20627c718a
commit 275225352c
8 changed files with 166 additions and 607 deletions
Download Patch File Download Diff File Expand all files Collapse all files

130
workflow/engine/classes/model/UsersProperties.php
View File

@@ -125,7 +125,17 @@ class UsersProperties extends BaseUsersProperties
return $aUserProperty;
}
public function validatePassword($sPassword, $sLastUpdate, $iChangePasswordNextTime, $nowLogin = false)
/**
* This function will be validate the password policies
*
* @param string $password
* @param string $lastUpdate
* @param integer $changePassword
* @param boolean $nowLogin
*
* @return array
*/
public function validatePassword($password, $lastUpdate, $changePassword, $nowLogin = false)
{
if (!defined('PPP_MINIMUM_LENGTH')) {
define('PPP_MINIMUM_LENGTH', 5);
@@ -145,50 +155,114 @@ class UsersProperties extends BaseUsersProperties
if (!defined('PPP_EXPIRATION_IN')) {
define('PPP_EXPIRATION_IN', 0);
}
if (function_exists('mb_strlen')) {
$iLength = mb_strlen($sPassword);
} else {
$iLength = strlen($sPassword);
$lengthPassword = function_exists('mb_strlen') ? mb_strlen($password): strlen($password);
$listErrors = [];
//The password has the minimum length
if ($lengthPassword < PPP_MINIMUM_LENGTH || $nowLogin) {
$listErrors[] = 'ID_PPP_MINIMUM_LENGTH';
}
$aErrors = array();
if ($iLength < PPP_MINIMUM_LENGTH || $nowLogin) {
$aErrors[] = 'ID_PPP_MINIMUM_LENGTH';
}
if ($iLength > PPP_MAXIMUM_LENGTH || $nowLogin) {
$aErrors[] = 'ID_PPP_MAXIMUM_LENGTH';
//The password has the maximum length
if ($lengthPassword > PPP_MAXIMUM_LENGTH || $nowLogin) {
$listErrors[] = 'ID_PPP_MAXIMUM_LENGTH';
}
//The password requires a number
if (PPP_NUMERICAL_CHARACTER_REQUIRED == 1) {
if (preg_match_all('/[0-9]/', $sPassword, $aMatch, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) {
$aErrors[] = 'ID_PPP_NUMERICAL_CHARACTER_REQUIRED';
if (preg_match_all('/[0-9]/', $password, $aMatch,
PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) {
$listErrors[] = 'ID_PPP_NUMERICAL_CHARACTER_REQUIRED';
}
}
//The password requires a upper case
if (PPP_UPPERCASE_CHARACTER_REQUIRED == 1) {
if (preg_match_all('/[A-Z]/', $sPassword, $aMatch, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) {
$aErrors[] = 'ID_PPP_UPPERCASE_CHARACTER_REQUIRED';
if (preg_match_all('/[A-Z]/', $password, $aMatch,
PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) {
$listErrors[] = 'ID_PPP_UPPERCASE_CHARACTER_REQUIRED';
}
}
//The password requires a special character
if (PPP_SPECIAL_CHARACTER_REQUIRED == 1) {
if (preg_match_all('/[<5B><>\\!|"@<40>#$~%<25>&<26>\/()=\'?<3F><>*+\-_.:,;]/', $sPassword, $aMatch, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) {
$aErrors[] = 'ID_PPP_SPECIAL_CHARACTER_REQUIRED';
if (preg_match_all('/[<5B><>\\!|"@<40>#$~%<25>&<26>\/()=\'?<3F><>*+\-_.:,;]/', $password, $aMatch,
PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) {
$listErrors[] = 'ID_PPP_SPECIAL_CHARACTER_REQUIRED';
}
}
//The configuration PPP_EXPIRATION_IN is saved in hours
if (PPP_EXPIRATION_IN > 0) {
$oCalendar = new Calendar();
if ($oCalendar->pmCalendarUid == '') {
$oCalendar->pmCalendarUid = '00000000000000000000000000000001';
$oCalendar->getCalendarData();
$hoursBetweenDates = (strtotime(date('Y-m-d H:i:s')) - strtotime($lastUpdate)) / (60 * 60);
if ($hoursBetweenDates > PPP_EXPIRATION_IN || $nowLogin) {
$listErrors[] = 'ID_PPP_EXPIRATION_IN';
$changePassword = 1;
}
}
$fDays = $oCalendar->calculateDuration(date('Y-m-d H:i:s'), $sLastUpdate);
if ($fDays > (PPP_EXPIRATION_IN * 24) || $nowLogin) {
$aErrors[] = 'ID_PPP_EXPIRATION_IN';
if ($changePassword == 1) {
$listErrors[] = 'ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN';
}
return $listErrors;
}
/**
* This function will be get the message for show what policies does not complied
*
* @param array $errorsInPassword
* @param boolean $afterFillingPass
* @param boolean $onlyText
*
* @return array
*/
public function getMessageValidatePassword($errorsInPassword, $afterFillingPass = true, $onlyText = false){
$messPassword = [];
$policyErrors = false;
if ($afterFillingPass) {
$policyMessage = G::LoadTranslation('ID_POLICY_ALERT');
} else {
$policyMessage = G::LoadTranslation('ID_POLICY_ALERT_INFO');
}
$policyMessage .= ($onlyText) ? ' ' : '<br/><br/>';
foreach ($errorsInPassword as $error) {
switch ($error) {
case 'ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN':
//Does not consider a policy for the final user, the administrator request to change password
$messPassword[substr($error, 3)] = PPP_MINIMUM_LENGTH;
break;
case 'ID_PPP_MINIMUM_LENGTH':
$policyErrors = true;
$policyMessage .= '- ' . G::LoadTranslation($error) . ': ' . PPP_MINIMUM_LENGTH;
$policyMessage .= ($onlyText) ? '. ' : '<br/>';
$messPassword[substr($error, 3)] = PPP_MINIMUM_LENGTH;
$messPassword['PPP_MINIMUN_LENGTH'] = PPP_MINIMUM_LENGTH;
break;
case 'ID_PPP_MAXIMUM_LENGTH':
$policyErrors = true;
$policyMessage .= '- ' . G::LoadTranslation($error) . ': ' . PPP_MAXIMUM_LENGTH;
$policyMessage .= ($onlyText) ? '. ' : '<br/>';
$messPassword[substr($error, 3)] = PPP_MAXIMUM_LENGTH;
$messPassword['PPP_MAXIMUN_LENGTH'] = PPP_MAXIMUM_LENGTH;
break;
case 'ID_PPP_EXPIRATION_IN':
//Does not consider a policy for the final user, this is enhanced login configuration
$messPassword[substr($error, 3)] = PPP_EXPIRATION_IN;
break;
default:
//PPP_NUMERICAL_CHARACTER_REQUIRED
//PPP_UPPERCASE_CHARACTER_REQUIRED
//PPP_SPECIAL_CHARACTER_REQUIRED
$policyErrors = true;
$policyMessage .= '- ' . G::LoadTranslation($error);
$policyMessage .= ($onlyText) ? '. ' : '<br/>';
$messPassword[substr($error, 3)] = 1;
break;
}
}
if ($iChangePasswordNextTime == 1) {
$aErrors[] = 'ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN';
if ($afterFillingPass){
$policyMessage .= G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY');
}
return $aErrors;
$messPassword['DESCRIPTION'] = ($policyErrors) ? $policyMessage : '';
return $messPassword;
}
/**

14
workflow/engine/content/translations/english/processmaker.en.po
View File

@@ -20924,8 +20924,14 @@ msgstr "PM Table"
# TRANSLATION
# LABEL/ID_POLICY_ALERT
#: LABEL/ID_POLICY_ALERT
msgid "Your password does not meet the following password policies"
msgstr "Your password does not meet the following password policies"
msgid "Your password does not meet the following password policies:"
msgstr "Your password does not meet the following password policies:"
# TRANSLATION
# LABEL/ID_POLICY_ALERT_INFO
#: LABEL/ID_POLICY_ALERT_INFO
msgid "Your password must meet the following policies:"
msgstr "Your password must meet the following policies:"
# TRANSLATION
# LABEL/ID_PORT
@@ -20960,8 +20966,8 @@ msgstr "The posted data is empty!"
# TRANSLATION
# LABEL/ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN
#: LABEL/ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN
msgid "User must change his/her password after next login"
msgstr "User must change his/her password after next login"
msgid "Your previous password has expired, please enter a new password"
msgstr "Your previous password has expired, please enter a new password"
# TRANSLATION
# LABEL/ID_PPP_EXPIRATION_IN

5
workflow/engine/data/mysql/insert.sql
View File

@@ -60364,13 +60364,14 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_PM_GRID','en','pmGrid','2014-01-15') ,
( 'LABEL','ID_PM_HEARTBEAT_SETTINGS_TITLE','en','Heart Beat Configuration','2014-01-15') ,
( 'LABEL','ID_PM_TABLE','en','PM Table','2014-01-15') ,
( 'LABEL','ID_POLICY_ALERT','en','Your password does not meet the following password policies','2014-01-15') ,
( 'LABEL','ID_POLICY_ALERT','en','Your password does not meet the following password policies:','2018-10-29') ,
( 'LABEL','ID_POLICY_ALERT_INFO','en','Your password must meet the following policies:','2018-10-29') ,
( 'LABEL','ID_PORT','en','Port','2014-01-15') ,
( 'LABEL','ID_PORT_UNREACHABLE','en','Destination Port Unreachable','2015-09-18') ,
( 'LABEL','ID_POSITION','en','Position','2014-01-15') ,
( 'LABEL','ID_POSTED_AT','en','Posted at','2014-01-15') ,
( 'LABEL','ID_POSTED_DATA_EMPTY','en','The posted data is empty!','2015-01-16') ,
( 'LABEL','ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN','en','User must change his/her password after next login','2014-10-21') ,
( 'LABEL','ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN','en','Your previous password has expired, please enter a new password','2018-10-26') ,
( 'LABEL','ID_PPP_EXPIRATION_IN','en','Password Expiration in','2014-01-15') ,
( 'LABEL','ID_PPP_MAXIMUM_LENGTH','en','Maximum length','2014-01-15') ,
( 'LABEL','ID_PPP_MAXIMUN_LENGTH','en','Maximum length','2014-01-15') ,

53
workflow/engine/methods/login/authentication.php
View File

@@ -290,7 +290,7 @@ try {
/* Check password using policy - Start */
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$userProperty = new UsersProperties();
// getting default user location
if (isset($_REQUEST['form']['URL']) && $_REQUEST['form']['URL'] != '') {
@@ -307,7 +307,7 @@ try {
if (isset($_REQUEST['u']) && $_REQUEST['u'] != '') {
$sLocation = G::sanitizeInput($_REQUEST['u']);
} else {
$sLocation = $oUserProperty->redirectTo($_SESSION['USER_LOGGED'], $lang);
$sLocation = $userProperty->redirectTo($_SESSION['USER_LOGGED'], $lang);
}
}
@@ -316,50 +316,39 @@ try {
die();
}
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(G::encryptOld($pwd)))));
$aErrors = $oUserProperty->validatePassword($_POST['form']['USR_PASSWORD'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'], true);
$userPropertyInfo = $userProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(G::encryptOld($pwd)))));
$errorInPassword = $userProperty->validatePassword(
$_POST['form']['USR_PASSWORD'],
$userPropertyInfo['USR_LAST_UPDATE_DATE'],
$userPropertyInfo['USR_LOGGED_NEXT_TIME']
);
//Enable change password from GAP
if (!isset($enableChangePasswordAfterNextLogin)) {
$enableChangePasswordAfterNextLogin = true;
}
if ($enableChangePasswordAfterNextLogin && !empty($aErrors) && in_array("ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN", $aErrors)) {
if ($enableChangePasswordAfterNextLogin && !empty($errorInPassword)) {
if (!defined('NO_DISPLAY_USERNAME')) {
define('NO_DISPLAY_USERNAME', 1);
}
$aFields = array();
$aFields['DESCRIPTION'] = '<span style="font-weight:normal;">';
$aFields['DESCRIPTION'] .= G::LoadTranslation('ID_POLICY_ALERT').':<br /><br />';
foreach ($aErrors as $sError) {
switch ($sError) {
case 'ID_PPP_MINIMUM_LENGTH':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError).': ' . PPP_MINIMUM_LENGTH . '<br />';
$aFields[substr($sError, 3)] = PPP_MINIMUM_LENGTH;
$aFields['PPP_MINIMUN_LENGTH'] = PPP_MINIMUM_LENGTH;
break;
case 'ID_PPP_MAXIMUM_LENGTH':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError).': ' . PPP_MAXIMUM_LENGTH . '<br />';
$aFields[substr($sError, 3)] = PPP_MAXIMUM_LENGTH;
$aFields['PPP_MAXIMUN_LENGTH'] = PPP_MAXIMUM_LENGTH;
break;
case 'ID_PPP_EXPIRATION_IN':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError).' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . '<br />';
$aFields[substr($sError, 3)] = PPP_EXPIRATION_IN;
break;
default:
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError).'<br />';
$aFields[substr($sError, 3)] = 1;
break;
//We will to get the message for the login
$messPassword = [];
$policySection = $userProperty->getMessageValidatePassword($errorInPassword, false);
$changePassword = '<span style="font-weight:normal;">';
if (array_search('ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN', $errorInPassword)) {
$changePassword .= G::LoadTranslation('ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN') . '<br/><br/>';
}
}
$aFields['DESCRIPTION'] .= '<br />' . G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY') . '<br /><br /></span>';
$messPassword['DESCRIPTION'] = $changePassword . $policySection['DESCRIPTION'] . '</span>';
$G_PUBLISH = new Publisher;
$version = explode('.', trim(file_get_contents(PATH_GULLIVER . 'VERSION')));
$version = isset($version[0]) ? intval($version[0]) : 0;
if ($version >= 3) {
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/changePasswordpm3', '', $aFields, 'changePassword');
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/changePasswordpm3', '', $messPassword,
'changePassword');
} else {
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/changePassword', '', $aFields, 'changePassword');
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/changePassword', '', $messPassword, 'changePassword');
}
G::RenderPage('publish');
die;

170
workflow/engine/methods/users/myInfo_Save.php
View File

@@ -1,170 +0,0 @@
<?php
/**
* myInfo_Save.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
try {
ini_set( 'display_errors', '1' );
global $RBAC;
switch ($RBAC->userCanAccess( 'PM_LOGIN' )) {
case - 2:
G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels' );
G::header( 'location: ../login/login' );
die();
break;
case - 1:
G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' );
G::header( 'location: ../login/login' );
die();
break;
}
if (isset( $_FILES['form']['name']['USR_RESUME'] )) {
$_POST['form']['USR_RESUME'] = $_FILES['form']['name']['USR_RESUME'];
}
if ($_POST['form']['USR_EMAIL'] != '') {
// The ereg function has been DEPRECATED as of PHP 5.3.0.
// if (!ereg("^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*$", $_POST['form']['USR_EMAIL'])) {
if (! preg_match( "/^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*$/", $_POST['form']['USR_EMAIL'] )) {
G::SendTemporalMessage( 'ID_INCORRECT_EMAIL', 'error' );
}
}
if (! isset( $_POST['form']['USR_NEW_PASS'] )) {
$_POST['form']['USR_NEW_PASS'] = '';
}
if ($_POST['form']['USR_NEW_PASS'] != '') {
$_POST['form']['USR_PASSWORD'] = Bootstrap::hashPassword( $_POST['form']['USR_NEW_PASS'] );
}
if (! isset( $_POST['form']['USR_CITY'] )) {
$_POST['form']['USR_CITY'] = '';
}
if (! isset( $_POST['form']['USR_LOCATION'] )) {
$_POST['form']['USR_LOCATION'] = '';
}
if (! isset( $_POST['form']['USR_ROLE'] )) {
$_POST['form']['USR_ROLE'] = '';
}
$aData['USR_UID'] = $_POST['form']['USR_UID'];
$aData['USR_USERNAME'] = $_POST['form']['USR_USERNAME'];
if (isset( $_POST['form']['USR_PASSWORD'] )) {
if ($_POST['form']['USR_PASSWORD'] != '') {
$aData['USR_PASSWORD'] = $_POST['form']['USR_PASSWORD'];
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists( $_POST['form']['USR_UID'], array ('USR_PASSWORD_HISTORY' => serialize( array (G::encryptOld( $_POST['form']['USR_NEW_PASS'] )
) )
) );
$aErrors = $oUserProperty->validatePassword( $_POST['form']['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'] );
if (count( $aErrors ) > 0) {
$sDescription = G::LoadTranslation( 'ID_POLICY_ALERT' ) . ':<br /><br />';
foreach ($aErrors as $sError) {
switch ($sError) {
case 'ID_PPP_MINIMUN_LENGTH':
$sDescription .= ' - ' . G::LoadTranslation( $sError ) . ': ' . PPP_MINIMUN_LENGTH . '<br />';
break;
case 'ID_PPP_MAXIMUN_LENGTH':
$sDescription .= ' - ' . G::LoadTranslation( $sError ) . ': ' . PPP_MAXIMUN_LENGTH . '<br />';
break;
case 'ID_PPP_EXPIRATION_IN':
$sDescription .= ' - ' . G::LoadTranslation( $sError ) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation( 'ID_DAYS' ) . '<br />';
break;
default:
$sDescription .= ' - ' . G::LoadTranslation( $sError ) . '<br />';
break;
}
}
$sDescription .= '<br />' . G::LoadTranslation( 'ID_PLEASE_CHANGE_PASSWORD_POLICY' );
G::SendMessageText( $sDescription, 'warning' );
G::header( 'Location: ' . $_SERVER['HTTP_REFERER'] );
die();
}
$aHistory = unserialize( $aUserProperty['USR_PASSWORD_HISTORY'] );
if (! is_array( $aHistory )) {
$aHistory = array ();
}
if (! defined( 'PPP_PASSWORD_HISTORY' )) {
define( 'PPP_PASSWORD_HISTORY', 0 );
}
if (PPP_PASSWORD_HISTORY > 0) {
if (count( $aHistory ) >= PPP_PASSWORD_HISTORY) {
array_shift( $aHistory );
}
$aHistory[] = $_POST['form']['USR_NEW_PASS'];
}
$aUserProperty['USR_LAST_UPDATE_DATE'] = date( 'Y-m-d H:i:s' );
$aUserProperty['USR_LOGGED_NEXT_TIME'] = 1;
$aUserProperty['USR_PASSWORD_HISTORY'] = serialize( $aHistory );
$oUserProperty->update( $aUserProperty );
}
}
$aData['USR_FIRSTNAME'] = $_POST['form']['USR_FIRSTNAME'];
$aData['USR_LASTNAME'] = $_POST['form']['USR_LASTNAME'];
$aData['USR_EMAIL'] = $_POST['form']['USR_EMAIL'];
$aData['USR_DUE_DATE'] = $_POST['form']['USR_DUE_DATE'];
$aData['USR_UPDATE_DATE'] = date( 'Y-m-d H:i:s' );
$RBAC->updateUser( $aData );
$aData['USR_PASSWORD'] = G::encryptOld( $_POST['form']['USR_USERNAME'] ); //fake :p
$aData['USR_COUNTRY'] = $_POST['form']['USR_COUNTRY'];
$aData['USR_CITY'] = $_POST['form']['USR_CITY'];
$aData['USR_LOCATION'] = $_POST['form']['USR_LOCATION'];
$aData['USR_ADDRESS'] = $_POST['form']['USR_ADDRESS'];
$aData['USR_PHONE'] = $_POST['form']['USR_PHONE'];
$aData['USR_ZIP_CODE'] = $_POST['form']['USR_ZIP_CODE'];
$aData['USR_POSITION'] = $_POST['form']['USR_POSITION'];
if ($_POST['form']['USR_RESUME'] != '') {
$aData['USR_RESUME'] = $_POST['form']['USR_RESUME'];
}
require_once 'classes/model/Users.php';
$oUser = new Users();
$oUser->update( $aData );
if ($_FILES['form']['tmp_name']['USR_PHOTO'] != '') {
$aAux = explode( '.', $_FILES['form']['name']['USR_PHOTO'] );
G::uploadFile( $_FILES['form']['tmp_name']['USR_PHOTO'], PATH_IMAGES_ENVIRONMENT_USERS, $aData['USR_UID'] . '.' . $aAux[1] );
G::resizeImage( PATH_IMAGES_ENVIRONMENT_USERS . $aData['USR_UID'] . '.' . $aAux[1], 96, 96, PATH_IMAGES_ENVIRONMENT_USERS . $aData['USR_UID'] . '.gif' );
}
if ($_FILES['form']['tmp_name']['USR_RESUME'] != '') {
G::uploadFile( $_FILES['form']['tmp_name']['USR_RESUME'], PATH_IMAGES_ENVIRONMENT_FILES . $aData['USR_UID'] . '/', $_FILES['form']['name']['USR_RESUME'] );
}
/* Saving preferences */
$def_lang = $_POST['form']['PREF_DEFAULT_LANG'];
$def_menu = $_POST['form']['PREF_DEFAULT_MENUSELECTED'];
$def_cases_menu = $_POST['form']['PREF_DEFAULT_CASES_MENUSELECTED'];
$oConf = new Configurations();
$aConf = Array ('DEFAULT_LANG' => $def_lang,'DEFAULT_MENU' => $def_menu,'DEFAULT_CASES_MENU' => $def_cases_menu
);
/*UPDATING SESSION VARIABLES*/
$aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] );
$_SESSION['USR_FULLNAME'] = $aUser['USR_FIRSTNAME'] . ' ' . $aUser['USR_LASTNAME'];
$oConf->aConfig = $aConf;
$oConf->saveConfig( 'USER_PREFERENCES', '', '', $_SESSION['USER_LOGGED'] );
G::SendTemporalMessage( 'ID_CHANGES_SAVED', 'info', 'labels' );
G::header( 'location: myInfo' );
} catch (Exception $oException) {
$token = strtotime("now");
PMException::registerErrorLog($oException, $token);
G::outRes( G::LoadTranslation("ID_EXCEPTION_LOG_INTERFAZ", array($token)) );
die;
}

44
workflow/engine/methods/users/usersAjax.php
View File

@@ -380,56 +380,32 @@ switch ($_POST['action']) {
break;
case 'testPassword':
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$userProperty = new UsersProperties();
$aFields = array();
$fields = [];
$color = '';
$img = '';
$dateNow = date('Y-m-d H:i:s');
$aErrors = $oUserProperty->validatePassword($_POST['PASSWORD_TEXT'], $dateNow, $dateNow);
$errorInPassword = $userProperty->validatePassword($_POST['PASSWORD_TEXT'], $dateNow, 0);
if (!empty($aErrors)) {
if (!empty($errorInPassword)) {
$img = '/images/delete.png';
$color = 'red';
if (!defined('NO_DISPLAY_USERNAME')) {
define('NO_DISPLAY_USERNAME', 1);
}
$aFields = array();
$aFields['DESCRIPTION'] = G::LoadTranslation('ID_POLICY_ALERT') . ':<br />';
foreach ($aErrors as $sError) {
switch ($sError) {
case 'ID_PPP_MINIMUM_LENGTH':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUM_LENGTH . '<br />';
$aFields[substr($sError, 3)] = PPP_MINIMUM_LENGTH;
break;
case 'ID_PPP_MAXIMUM_LENGTH':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MAXIMUM_LENGTH . '<br />';
$aFields[substr($sError, 3)] = PPP_MAXIMUM_LENGTH;
break;
case 'ID_PPP_EXPIRATION_IN':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . '<br />';
$aFields[substr($sError, 3)] = PPP_EXPIRATION_IN;
break;
default:
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . '<br />';
$aFields[substr($sError, 3)] = 1;
break;
}
}
$aFields['DESCRIPTION'] .= G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY') . '</span>';
$aFields['STATUS'] = false;
$fields = $userProperty->getMessageValidatePassword($errorInPassword);
$fields['STATUS'] = false;
} else {
$color = 'green';
$img = '/images/dialog-ok-apply.png';
$aFields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES') . '</span>';
$aFields['STATUS'] = true;
$fields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES') . '</span>';
$fields['STATUS'] = true;
}
$span = '<span style="color: ' . $color . '; font: 9px tahoma,arial,helvetica,sans-serif;">';
$gif = '<img width="13" height="13" border="0" src="' . $img . '">';
$aFields['DESCRIPTION'] = $span . $gif . $aFields['DESCRIPTION'];
print(G::json_encode($aFields));
$fields['DESCRIPTION'] = $span . $gif . $fields['DESCRIPTION'];
print(G::json_encode($fields));
break;
case 'testUsername':
require_once 'classes/model/Users.php';

297
workflow/engine/methods/users/users_Save.php
View File

@@ -1,297 +0,0 @@
<?php
/**
* users_Save.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
try {
global $RBAC;
switch ($RBAC->userCanAccess( 'PM_FACTORY' )) {
case - 2:
G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels' );
G::header( 'location: ../login/login' );
die();
break;
case - 1:
G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' );
G::header( 'location: ../login/login' );
die();
break;
}
if (empty( $_POST ) || ! isset( $_POST['form'] )) {
if (empty( $_FILES ))
throw (new Exception( G::loadTranslation( 'ID_ERROR_UPLOADING_FILENAME' ) ));
else
throw (new Exception( G::loadTranslation( 'ID_POSTED_DATA_EMPTY' ) ));
}
$form = $_POST['form'];
if (isset( $_GET['USR_UID'] )) {
$form['USR_UID'] = $_GET['USR_UID'];
} else {
$form['USR_UID'] = '';
}
if (isset( $_FILES['form']['name']['USR_RESUME'] )) {
if ($_FILES['form']['tmp_name']['USR_RESUME'] != '') {
$form['USR_RESUME'] = $_FILES['form']['name']['USR_RESUME'];
} else {
$form['USR_RESUME'] = '';
}
}
if (! isset( $form['USR_NEW_PASS'] )) {
$form['USR_NEW_PASS'] = '';
}
if ($form['USR_NEW_PASS'] != '') {
$form['USR_PASSWORD'] = Bootstrap::hashPassword( $form['USR_NEW_PASS'] );
}
if (! isset( $form['USR_CITY'] )) {
$form['USR_CITY'] = '';
}
if (! isset( $form['USR_LOCATION'] )) {
$form['USR_LOCATION'] = '';
}
if (! isset( $form['USR_AUTH_USER_DN'] )) {
$form['USR_AUTH_USER_DN'] = '';
}
if ($form['USR_UID'] == '') {
$aData['USR_USERNAME'] = $form['USR_USERNAME'];
$aData['USR_PASSWORD'] = $form['USR_PASSWORD'];
$aData['USR_FIRSTNAME'] = $form['USR_FIRSTNAME'];
$aData['USR_LASTNAME'] = $form['USR_LASTNAME'];
$aData['USR_EMAIL'] = $form['USR_EMAIL'];
$aData['USR_DUE_DATE'] = $form['USR_DUE_DATE'];
$aData['USR_CREATE_DATE'] = date( 'Y-m-d H:i:s' );
$aData['USR_UPDATE_DATE'] = date( 'Y-m-d H:i:s' );
$aData['USR_BIRTHDAY'] = date( 'Y-m-d' );
$aData['USR_AUTH_USER_DN'] = $form['USR_AUTH_USER_DN'];
//fixing bug in inactive user when the admin create a new user.
$statusWF = $form['USR_STATUS'];
$aData['USR_STATUS'] = $form['USR_STATUS'] == 'ACTIVE' ? 1 : 0;
$sUserUID = $RBAC->createUser( $aData, $form['USR_ROLE'] );
$aData['USR_STATUS'] = $statusWF;
$aData['USR_UID'] = $sUserUID;
$aData['USR_PASSWORD'] = G::encryptOld( $sUserUID ); //fake :p
$aData['USR_COUNTRY'] = $form['USR_COUNTRY'];
$aData['USR_CITY'] = $form['USR_CITY'];
$aData['USR_LOCATION'] = $form['USR_LOCATION'];
$aData['USR_ADDRESS'] = $form['USR_ADDRESS'];
$aData['USR_PHONE'] = $form['USR_PHONE'];
$aData['USR_ZIP_CODE'] = $form['USR_ZIP_CODE'];
$aData['USR_POSITION'] = $form['USR_POSITION'];
// Commented by removal of resume in the addition and modification of user.
// $aData['USR_RESUME'] = $form['USR_RESUME'];
$aData['USR_ROLE'] = $form['USR_ROLE'];
$aData['USR_REPLACED_BY'] = $form['USR_REPLACED_BY'];
require_once 'classes/model/Users.php';
$oUser = new Users();
$oUser->create( $aData );
if ($_FILES['form']['error']['USR_PHOTO'] != 1) {
if ($_FILES['form']['tmp_name']['USR_PHOTO'] != '') {
G::uploadFile( $_FILES['form']['tmp_name']['USR_PHOTO'], PATH_IMAGES_ENVIRONMENT_USERS, $sUserUID . '.gif' );
}
} else {
G::SendTemporalMessage( 'ID_FILE_TOO_BIG', 'error' );
}
if ($_FILES['form']['error']['USR_RESUME'] != 1) {
if ($_FILES['form']['tmp_name']['USR_RESUME'] != '') {
G::uploadFile( $_FILES['form']['tmp_name']['USR_RESUME'], PATH_IMAGES_ENVIRONMENT_FILES . $sUserUID . '/', $_FILES['form']['name']['USR_RESUME'] );
}
} else {
G::SendTemporalMessage( 'ID_FILE_TOO_BIG', 'error' );
}
} else {
$aData['USR_UID'] = $form['USR_UID'];
$aData['USR_USERNAME'] = $form['USR_USERNAME'];
if (isset( $form['USR_PASSWORD'] )) {
if ($form['USR_PASSWORD'] != '') {
$aData['USR_PASSWORD'] = $form['USR_PASSWORD'];
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists( $form['USR_UID'], array ('USR_PASSWORD_HISTORY' => serialize( array (G::encryptOld( $form['USR_PASSWORD'] )
) )
) );
$RBAC->loadUserRolePermission( 'PROCESSMAKER', $_SESSION['USER_LOGGED'] );
if ($RBAC->aUserInfo['PROCESSMAKER']['ROLE']['ROL_CODE'] == 'PROCESSMAKER_ADMIN') {
$aUserProperty['USR_LAST_UPDATE_DATE'] = date( 'Y-m-d H:i:s' );
$aUserProperty['USR_LOGGED_NEXT_TIME'] = 1;
$oUserProperty->update( $aUserProperty );
}
$aErrors = $oUserProperty->validatePassword( $form['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], 0 );
if (count( $aErrors ) > 0) {
$sDescription = G::LoadTranslation( 'ID_POLICY_ALERT' ) . ':<br /><br />';
foreach ($aErrors as $sError) {
switch ($sError) {
case 'ID_PPP_MINIMUN_LENGTH':
$sDescription .= ' - ' . G::LoadTranslation( $sError ) . ': ' . PPP_MINIMUN_LENGTH . '<br />';
break;
case 'ID_PPP_MAXIMUN_LENGTH':
$sDescription .= ' - ' . G::LoadTranslation( $sError ) . ': ' . PPP_MAXIMUN_LENGTH . '<br />';
break;
case 'ID_PPP_EXPIRATION_IN':
$sDescription .= ' - ' . G::LoadTranslation( $sError ) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation( 'ID_DAYS' ) . '<br />';
break;
default:
$sDescription .= ' - ' . G::LoadTranslation( $sError ) . '<br />';
break;
}
}
$sDescription .= '<br />' . G::LoadTranslation( 'ID_PLEASE_CHANGE_PASSWORD_POLICY' );
G::SendMessageText( $sDescription, 'warning' );
G::header( 'Location: ' . $_SERVER['HTTP_REFERER'] );
die();
}
$aHistory = unserialize( $aUserProperty['USR_PASSWORD_HISTORY'] );
if (! is_array( $aHistory )) {
$aHistory = array ();
}
if (! defined( 'PPP_PASSWORD_HISTORY' )) {
define( 'PPP_PASSWORD_HISTORY', 0 );
}
if (PPP_PASSWORD_HISTORY > 0) {
//it's looking a password igual into aHistory array that was send for post in md5 way
$c = 0;
$sw = 1;
while (count( $aHistory ) >= 1 && count( $aHistory ) > $c && $sw) {
if (strcmp( trim( $aHistory[$c] ), trim( $form['USR_PASSWORD'] ) ) == 0) {
$sw = 0;
}
$c ++;
}
if ($sw == 0) {
$sDescription = G::LoadTranslation( 'ID_POLICY_ALERT' ) . ':<br /><br />';
$sDescription .= ' - ' . G::LoadTranslation( 'PASSWORD_HISTORY' ) . ': ' . PPP_PASSWORD_HISTORY . '<br />';
$sDescription .= '<br />' . G::LoadTranslation( 'ID_PLEASE_CHANGE_PASSWORD_POLICY' ) . '';
G::SendMessageText( $sDescription, 'warning' );
G::header( 'Location: ' . $_SERVER['HTTP_REFERER'] );
die();
}
//
if (count( $aHistory ) >= PPP_PASSWORD_HISTORY) {
$sLastPassw = array_shift( $aHistory );
}
$aHistory[] = $form['USR_PASSWORD'];
}
$aUserProperty['USR_LAST_UPDATE_DATE'] = date( 'Y-m-d H:i:s' );
$aUserProperty['USR_LOGGED_NEXT_TIME'] = 1;
$aUserProperty['USR_PASSWORD_HISTORY'] = serialize( $aHistory );
$oUserProperty->update( $aUserProperty );
}
}
$aData['USR_FIRSTNAME'] = $form['USR_FIRSTNAME'];
$aData['USR_LASTNAME'] = $form['USR_LASTNAME'];
$aData['USR_EMAIL'] = $form['USR_EMAIL'];
$aData['USR_DUE_DATE'] = $form['USR_DUE_DATE'];
$aData['USR_UPDATE_DATE'] = date( 'Y-m-d H:i:s' );
if (isset( $form['USR_STATUS'] )) {
$aData['USR_STATUS'] = $form['USR_STATUS'];
}
if (isset( $form['USR_ROLE'] )) {
$RBAC->updateUser( $aData, $form['USR_ROLE'] );
} else {
$RBAC->updateUser( $aData );
}
$aData['USR_COUNTRY'] = $form['USR_COUNTRY'];
$aData['USR_CITY'] = $form['USR_CITY'];
$aData['USR_LOCATION'] = $form['USR_LOCATION'];
$aData['USR_ADDRESS'] = $form['USR_ADDRESS'];
$aData['USR_PHONE'] = $form['USR_PHONE'];
$aData['USR_ZIP_CODE'] = $form['USR_ZIP_CODE'];
$aData['USR_POSITION'] = $form['USR_POSITION'];
if ($form['USR_RESUME'] != '') {
$aData['USR_RESUME'] = $form['USR_RESUME'];
}
if (isset( $form['USR_ROLE'] )) {
$aData['USR_ROLE'] = $form['USR_ROLE'];
}
if (isset( $form['USR_REPLACED_BY'] )) {
$aData['USR_REPLACED_BY'] = $form['USR_REPLACED_BY'];
}
if (isset( $form['USR_AUTH_USER_DN'] )) {
$aData['USR_AUTH_USER_DN'] = $form['USR_AUTH_USER_DN'];
}
require_once 'classes/model/Users.php';
$oUser = new Users();
$oUser->update( $aData );
$aExtensions = array ("AIS","BMP","BW","CDR","CDT","CGM","CMX","CPT","DCX","DIB","EMF","GBR","GIF","GIH","ICO","IFF","ILBM","JFIF","JIF","JPE","JPEG","JPG","KDC","LBM","MAC","PAT","PCD","PCT","PCX","PIC","PICT","PNG","PNTG","PIX","PSD","PSP","QTI","QTIF","RGB","RGBA","RIF","RLE","SGI","TGA","TIF","TIFF","WMF","XCF"
);
$sPhotoFile = $_FILES['form']['name']['USR_PHOTO'];
$aPhotoFile = explode( '.', $sPhotoFile );
$sExtension = strtoupper( $aPhotoFile[sizeof( $aPhotoFile ) - 1] );
if ((strlen( $sPhotoFile ) > 0) && (! in_array( $sExtension, $aExtensions ))) {
throw (new Exception( G::LoadTranslation( 'ID_ERROR_UPLOADING_IMAGE_TYPE' ) ));
}
if ($_FILES['form']['error']['USR_PHOTO'] != 1) {
if ($_FILES['form']['tmp_name']['USR_PHOTO'] != '') {
$aAux = explode( '.', $_FILES['form']['name']['USR_PHOTO'] );
G::uploadFile( $_FILES['form']['tmp_name']['USR_PHOTO'], PATH_IMAGES_ENVIRONMENT_USERS, $aData['USR_UID'] . '.' . $aAux[1] );
G::resizeImage( PATH_IMAGES_ENVIRONMENT_USERS . $aData['USR_UID'] . '.' . $aAux[1], 96, 96, PATH_IMAGES_ENVIRONMENT_USERS . $aData['USR_UID'] . '.gif' );
}
} else {
G::SendTemporalMessage( 'ID_FILE_TOO_BIG', 'error' );
}
if ($_FILES['form']['error']['USR_RESUME'] != 1) {
if ($_FILES['form']['tmp_name']['USR_RESUME'] != '') {
G::uploadFile( $_FILES['form']['tmp_name']['USR_RESUME'], PATH_IMAGES_ENVIRONMENT_FILES . $aData['USR_UID'] . '/', $_FILES['form']['name']['USR_RESUME'] );
}
} else {
G::SendTemporalMessage( 'ID_FILE_TOO_BIG', 'error' );
}
}
if ($_SESSION['USER_LOGGED'] == $form['USR_UID']) {
/*UPDATING SESSION VARIABLES*/
$aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] );
$_SESSION['USR_FULLNAME'] = $aUser['USR_FIRSTNAME'] . ' ' . $aUser['USR_LASTNAME'];
}
//Save Calendar assigment
if ((isset( $form['USR_CALENDAR'] ))) {
//Save Calendar ID for this user
$calendarObj = new Calendar();
$calendarObj->assignCalendarTo( $aData['USR_UID'], $form['USR_CALENDAR'], 'USER' );
}
G::header( 'location: users_List' );
} catch (Exception $e) {
$G_MAIN_MENU = 'processmaker';
$G_SUB_MENU = 'users';
$G_ID_MENU_SELECTED = 'USERS';
$G_ID_SUB_MENU_SELECTED = '';
$aMessage = array ();
$aMessage['MESSAGE'] = $e->getMessage();
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'login/showMessage', '', $aMessage );
G::RenderPage( 'publish', 'blank' );
}

42
workflow/engine/src/ProcessMaker/BusinessModel/User.php
View File

@@ -1151,43 +1151,23 @@ class User
*/
public function testPassword($sPassword = '')
{
$oUserProperty = new UsersProperties();
$aFields = array();
$userProperty = new UsersProperties();
$fields = [];
$dateNow = date('Y-m-d H:i:s');
$aErrors = $oUserProperty->validatePassword($sPassword, $dateNow, 0);
if (!empty($aErrors)) {
$errorInPassword = $userProperty->validatePassword($sPassword, $dateNow, 0);
if (!empty($errorInPassword)) {
if (!defined('NO_DISPLAY_USERNAME')) {
define('NO_DISPLAY_USERNAME', 1);
}
$aFields = array();
$aFields['DESCRIPTION'] = G::LoadTranslation('ID_POLICY_ALERT');
foreach ($aErrors as $sError) {
switch ($sError) {
case 'ID_PPP_MINIMUM_LENGTH':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUM_LENGTH . '. ';
$aFields[substr($sError, 3)] = PPP_MINIMUM_LENGTH;
break;
case 'ID_PPP_MAXIMUM_LENGTH':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MAXIMUM_LENGTH . '. ';
$aFields[substr($sError, 3)] = PPP_MAXIMUM_LENGTH;
break;
case 'ID_PPP_EXPIRATION_IN':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . '. ';
$aFields[substr($sError, 3)] = PPP_EXPIRATION_IN;
break;
default:
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError);
$aFields[substr($sError, 3)] = 1;
break;
}
}
$aFields['DESCRIPTION'] .= G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY');
$aFields['STATUS'] = false;
//We will to get the message for test the password
$fields = $userProperty->getMessageValidatePassword($errorInPassword, true, true);
$fields['STATUS'] = false;
} else {
$aFields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES');
$aFields['STATUS'] = true;
$fields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES');
$fields['STATUS'] = true;
}
return $aFields;
return $fields;
}
/**