-
-
Save thinhnd8752/a92f15c1f6a8b9f97c4a8bb9c2065f88 to your computer and use it in GitHub Desktop.
Revisions
-
mattrude revised this gist
Oct 14, 2012 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -65,11 +65,11 @@ function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ $encoded_newPassword = "{SHA}" . base64_encode( pack( "H*", sha1( $newPassword ) ) ); $history_arr = ldap_get_values($con,$user_dn,"passwordhistory"); if ( $history_arr ) { $message[] = "Error E102 - Your new password matches one of the last 10 passwords that you used, you MUST come up with a new password."; return false; } if (strlen($newPassword) < 8 ) { $message[] = "Error E103 - Your new password is too short.<br/>Your password must be at least 8 characters long."; return false; } if (!preg_match("/[0-9]/",$newPassword)) { -
Sep 16, 2012 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -102,7 +102,7 @@ function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ /* And Finally, Change the password */ $entry = array(); $entry["userPassword"] = "$encoded_newPassword"; if (ldap_modify($con,$user_dn,$entry) === false){ $error = ldap_error($con); -
Aug 25, 2012 . 1 changed file with 65 additions and 50 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,39 +1,54 @@ <?php /** * LDAP PHP Change Password Webpage * @author: Matt Rude <http://mattrude.com> * @website: http://technology.mattrude.com/2010/11/ldap-php-change-password-webpage/ * * * GNU GENERAL PUBLIC LICENSE * Version 2, June 1991 * * Copyright (C) 1989, 1991 Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * Everyone is permitted to copy and distribute verbatim copies * of this license document, but changing it is not allowed. */ $message = array(); $message_css = ""; function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ global $message; global $message_css; $server = "localhost"; $dn = "ou=People,dc=example"; error_reporting(0); ldap_connect($server); $con = ldap_connect($server); ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3); // bind anon and find user by uid $user_search = ldap_search($con,$dn,"(|(uid=$user)(mail=$user))"); $user_get = ldap_get_entries($con, $user_search); $user_entry = ldap_first_entry($con, $user_search); $user_dn = ldap_get_dn($con, $user_entry); $user_id = $user_get[0]["uid"][0]; $user_givenName = $user_get[0]["givenName"][0]; $user_search_arry = array( "*", "ou", "uid", "mail", "passwordRetryCount", "passwordhistory" ); $user_search_filter = "(|(uid=$user_id)(mail=$user))"; $user_search_opt = ldap_search($con,$user_dn,$user_search_filter,$user_search_arry); $user_get_opt = ldap_get_entries($con, $user_search_opt); $passwordRetryCount = $user_get_opt[0]["passwordRetryCount"][0]; $passwordhistory = $user_get_opt[0]["passwordhistory"][0]; //$message[] = "Username: " . $user_id; //$message[] = "DN: " . $user_dn; //$message[] = "Current Pass: " . $oldPassword; //$message[] = "New Pass: " . $newPassword; /* Start the testing */ if ( $passwordRetryCount == 3 ) { $message[] = "Error E101 - Your Account is Locked Out!!!"; @@ -75,58 +90,58 @@ function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ } if (!$user_get) { $message[] = "Error E200 - Unable to connect to server, you may not change your password at this time, sorry."; return false; } $auth_entry = ldap_first_entry($con, $user_search); $mail_addresses = ldap_get_values($con, $auth_entry, "mail"); $given_names = ldap_get_values($con, $auth_entry, "givenName"); $password_history = ldap_get_values($con, $auth_entry, "passwordhistory"); $mail_address = $mail_addresses[0]; $first_name = $given_names[0]; /* And Finally, Change the password */ $entry = array(); $entry["userPassword"] = "$newPassword"; if (ldap_modify($con,$user_dn,$entry) === false){ $error = ldap_error($con); $errno = ldap_errno($con); $message[] = "E201 - Your password cannot be change, please contact the administrator."; $message[] = "$errno - $error"; } else { $message_css = "yes"; mail($mail_address,"Password change notice","Dear $first_name, Your password on http://support.example.com for account $user_id was just changed. If you did not make this change, please contact [email protected]. If you were the one who changed your password, you may disregard this message. Thanks -Matt"); $message[] = "The password for $user_id has been changed.<br/>An informational email as been sent to $mail_address.<br/>Your new password is now fully Active."; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Password Change Page</title> <style type="text/css"> body { font-family: Verdana,Arial,Courier New; font-size: 0.7em; } th { text-align: right; padding: 0.8em; } #container { text-align: center; width: 500px; margin: 5% auto; } .msg_yes { margin: 0 auto; text-align: center; color: green; background: #D4EAD4; border: 1px solid green; border-radius: 10px; margin: 2px; } .msg_no { margin: 0 auto; text-align: center; color: red; background: #FFF0F0; border: 1px solid red; border-radius: 10px; margin: 2px; } </style> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> </head> <body> <div id="container"> <h2>Password Change Page</h2> <p>Your new password must be 8 characters long or longer and have at least:<br/> one capital letter, one lowercase letter, & one number.<br/> You must use a new password, your current password<br/>can not be the same as your new password.</p> <?php if (isset($_POST["submitted"])) { changePassword($_POST['username'],$_POST['oldPassword'],$_POST['newPassword1'],$_POST['newPassword2']); global $message_css; @@ -139,18 +154,18 @@ function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ foreach ( $message as $one ) { echo "<p>$one</p>"; } ?></div><?php } ?> <form action="<?php print $_SERVER['PHP_SELF']; ?>" name="passwordChange" method="post"> <table style="width: 400px; margin: 0 auto;"> <tr><th>Username or Email Address:</th><td><input name="username" type="text" size="20px" autocomplete="off" /></td></tr> <tr><th>Current password:</th><td><input name="oldPassword" size="20px" type="password" /></td></tr> <tr><th>New password:</th><td><input name="newPassword1" size="20px" type="password" /></td></tr> <tr><th>New password (again):</th><td><input name="newPassword2" size="20px" type="password" /></td></tr> <tr><td colspan="2" style="text-align: center;" > <input name="submitted" type="submit" value="Change Password"/> <button onclick="$('frm').action='changepassword.php';$('frm').submit();">Cancel</button> </td></tr> </table> </form> </div> </body> </html> -
Jan 18, 2012 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -97,7 +97,7 @@ function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ } else { $message_css = "yes"; mail($mail_address,"Password change notice","Dear $first_name, Your password on http://support.example.com for account $user_id was just changed. If you did not make this change, please contact support@example.com. If you were the one who changed your password, you may disregard this message. Thanks -
Nov 8, 2010 . 1 changed file with 94 additions and 49 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,111 +1,156 @@ <?php $message = array(); $message_css = ""; function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ global $message; global $message_css; $server = "localhost"; $dn = "ou=People,dc=example"; error_reporting(0); ldap_connect($server); $con = ldap_connect($server); ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3); // bind anon and find user by uid $user_search = ldap_search($con,$dn,"(|(uid=$user)(mail=$user))"); $user_get = ldap_get_entries($con, $user_search); $user_entry = ldap_first_entry($con, $user_search); $user_dn = ldap_get_dn($con, $user_entry); $user_id = $user_get[0]["uid"][0]; $user_givenName = $user_get[0]["givenName"][0]; $user_search_arry = array( "*", "ou", "uid", "mail", "passwordRetryCount", "passwordhistory" ); $user_search_filter = "(|(uid=$user_id)(mail=$user))"; $user_search_opt = ldap_search($con,$user_dn,$user_search_filter,$user_search_arry); $user_get_opt = ldap_get_entries($con, $user_search_opt); $passwordRetryCount = $user_get_opt[0]["passwordRetryCount"][0]; $passwordhistory = $user_get_opt[0]["passwordhistory"][0]; //$message[] = "Username: " . $user_id; //$message[] = "DN: " . $user_dn; //$message[] = "Current Pass: " . $oldPassword; //$message[] = "New Pass: " . $newPassword; /* Start the testing */ if ( $passwordRetryCount == 3 ) { $message[] = "Error E101 - Your Account is Locked Out!!!"; return false; } if (ldap_bind($con, $user_dn, $oldPassword) === false) { $message[] = "Error E101 - Current Username or Password is wrong."; return false; } if ($newPassword != $newPasswordCnf ) { $message[] = "Error E102 - Your New passwords do not match!"; return false; } $encoded_newPassword = "{SHA}" . base64_encode( pack( "H*", sha1( $newPassword ) ) ); $history_arr = ldap_get_values($con,$user_dn,"passwordhistory"); if ( $history_arr ) { $message[] = "Error E102 - Your New password matches one of the last 10 passwords that you used, you MUST come up with a new password."; return false; } if (strlen($newPassword) < 8 ) { $message[] = "Error E103 - Your new password is too short!<br/>Your password must be at least 8 characters long."; return false; } if (!preg_match("/[0-9]/",$newPassword)) { $message[] = "Error E104 - Your new password must contain at least one number."; return false; } if (!preg_match("/[a-zA-Z]/",$newPassword)) { $message[] = "Error E105 - Your new password must contain at least one letter."; return false; } if (!preg_match("/[A-Z]/",$newPassword)) { $message[] = "Error E106 - Your new password must contain at least one uppercase letter."; return false; } if (!preg_match("/[a-z]/",$newPassword)) { $message[] = "Error E107 - Your new password must contain at least one lowercase letter."; return false; } if (!$user_get) { $message[] = "Error E200 - Unable to connect to server, you may not change your password at this time, sorry."; return false; } $auth_entry = ldap_first_entry($con, $user_search); $mail_addresses = ldap_get_values($con, $auth_entry, "mail"); $given_names = ldap_get_values($con, $auth_entry, "givenName"); $password_history = ldap_get_values($con, $auth_entry, "passwordhistory"); $mail_address = $mail_addresses[0]; $first_name = $given_names[0]; /* And Finally, Change the password */ $entry = array(); $entry["userPassword"] = "$newPassword"; if (ldap_modify($con,$user_dn,$entry) === false){ $error = ldap_error($con); $errno = ldap_errno($con); $message[] = "E201 - Your password cannot be change, please contact the administrator."; $message[] = "$errno - $error"; } else { $message_css = "yes"; mail($mail_address,"Password change notice","Dear $first_name, Your password on https://mail.mattrude.com for account $user_id was just changed. If you did not make this change, please contact the Matt at [email protected]. If you were the one who changed your password, you may disregard this message. Thanks -Matt"); $message[] = "The password for $user_id has been changed.<br/>An informational email as been sent to $mail_address.<br/>Your new password is now fully Active."; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Password Change Page</title> <style type="text/css"> body { font-family: Verdana,Arial,Courier New; font-size: 0.7em; } th { text-align: right; padding: 0.8em; } #container { text-align: center; width: 500px; margin: 5% auto; } .msg_yes { margin: 0 auto; text-align: center; color: green; background: #D4EAD4; border: 1px solid green; border-radius: 10px; margin: 2px; } .msg_no { margin: 0 auto; text-align: center; color: red; background: #FFF0F0; border: 1px solid red; border-radius: 10px; margin: 2px; } </style> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> </head> <body> <div id="container"> <h2>Password Change Page</h2> <p>Your new password must be 8 characters long or longer and have at least:<br/> one capital letter, one lowercase letter, & one number.<br/> You must use a new password, your current password<br/>can not be the same as your new password.</p> <?php if (isset($_POST["submitted"])) { changePassword($_POST['username'],$_POST['oldPassword'],$_POST['newPassword1'],$_POST['newPassword2']); global $message_css; if ($message_css == "yes") { ?><div class="msg_yes"><?php } else { ?><div class="msg_no"><?php $message[] = "Your password was not changed."; } foreach ( $message as $one ) { echo "<p>$one</p>"; } ?></div><?php } ?> <form action="<?php print $_SERVER['PHP_SELF']; ?>" name="passwordChange" method="post"> <table style="width: 400px; margin: 0 auto;"> <tr><th>Username or Email Address:</th><td><input name="username" type="text" size="20px" autocomplete="off" /></td></tr> <tr><th>Current password:</th><td><input name="oldPassword" size="20px" type="password" /></td></tr> <tr><th>New password:</th><td><input name="newPassword1" size="20px" type="password" /></td></tr> <tr><th>New password (again):</th><td><input name="newPassword2" size="20px" type="password" /></td></tr> <tr><td colspan="2" style="text-align: center;" > <input name="submitted" type="submit" value="Change Password"/> <button onclick="$('frm').action='changepassword.php';$('frm').submit();">Cancel</button> </td></tr> </table> </form> </div> </body> </html> -
Oct 31, 2010 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,111 @@ <?php $message = array(); function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ global $message; $server = "localhost"; $dn = "ou=People,dc=example,dc=com"; $userid = $user; $user = "uid=".$user.",".$dn; error_reporting(0); ldap_connect($server); $con = ldap_connect($server); ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3); // bind anon and find user by uid $sr = ldap_search($con,$dn,"(uid=*)"); $records = ldap_get_entries($con, $sr); $message[] = "Username: " . $userid; //$message[] = "DN: " . $user; //$message[] = "Current Pass: " . $oldPassword; //$message[] = "New Pass: " . $newPassword; /* try to bind as that user */ if (ldap_bind($con, $user, $oldPassword) === false) { $message[] = "Error E101 - Current Username or Password is wrong."; return false; } if ($newPassword != $newPasswordCnf ) { $message[] = "Error E102 - Your New passwords do not match! "; return false; } if (strlen($newPassword) < 8 ) { $message[] = "Error E103 - Your new password is too short! "; return false; } if (!preg_match("/[0-9]/",$newPassword)) { $message[] = "Error E104 - Your new password must contain at least one digit. "; return false; } if (!preg_match("/[a-zA-Z]/",$newPassword)) { $message[] = "Error E105 - Your new password must contain at least one letter. "; return false; } if (!preg_match("/[A-Z]/",$newPassword)) { $message[] = "Error E106 - Your new password must contain at least one uppercase letter. "; return false; } if (!preg_match("/[a-z]/",$newPassword)) { $message[] = "Error E107 - Your new password must contain at least one lowercase letter. "; return false; } if (!$records) { $message[] = "Error E200 - Unable to connect to server, you may not change your password at this time, sorry."; return false; } /* change the password finally */ $entry = array(); $entry["userPassword"] = "{SHA}" . base64_encode( pack( "H*", sha1( $newPassword ) ) ); if (ldap_modify($con,$user,$entry) === false){ $message[] = "E201 - Your password cannot be change, please contact the administrator."; } else { $message[] = " Your password has been changed. "; //mail($records[0]["mail"][0],"Password change notice : ".$userid," Your password has just been changed."); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Password Change Page</title> <style type="text/css"> body { font-family: Verdana,Arial,Courier New; font-size: 0.7em; } input:focus { background-color: #eee; border-color: red; } th { text-align: right; padding: 0.8em; } #container { text-align: center; width: 500px; margin: 5% auto; } ul { text-align: left; list-style-type: square; } .msg { margin: 0 auto; text-align: center; color: navy; border-top: 1px solid red; border-bottom: 1px solid red; } </style> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> </head> <body> <div id="container"> <h2>Password Change Page</h2> <ul></ul> <form action="<?php print $_SERVER['PHP_SELF']; ?>" name="passwordChange" method="post"> <table style="width: 400px; margin: 0 auto;"> <tr><th>Username:</th><td><input name="username" type="text" size="20" autocomplete="off" /></td></tr> <tr><th>Old password:</th><td><input name="oldPassword" size="20" type="password" /></td></tr> <tr><th>New password:</th><td><input name="newPassword1" size="20" type="password" /></td></tr> <tr><th>New password (again):</th><td><input name="newPassword2" size="20" type="password" /></td></tr> <tr><td colspan="2" style="text-align: center;" > <input name="submitted" type="submit" value="Change Password"/> <button onclick="$('frm').action='changepassword.php';$('frm').submit();">Cancel</button> </td></tr> </table> </form> <div class="msg"><?php if (isset($_POST["submitted"])) { changePassword($_POST['username'],$_POST['oldPassword'],$_POST['newPassword1'],$_POST['newPassword2']); foreach ( $message as $one ) { echo "<p>$one</p>"; } } ?> </div> </div> </body> </html>