HomeLab/ldap-user-manager
2
0
Fork 0
mirror of https://github.com/wheelybird/ldap-user-manager.git synced 2025-01-18 23:42:54 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
ldap-user-manager/www/account_manager/new_user.php

323 lines
10 KiB
PHP
Raw Blame History

<?php
set_include_path( ".:" . __DIR__ . "/../includes/");
include_once "web_functions.inc.php";
include_once "ldap_functions.inc.php";
include_once "module_functions.inc.php";
if ( $_POST['setup_admin_account'] ) {
$admin_setup = TRUE;
validate_setup_cookie();
set_page_access("setup");
$completed_action="/log_in";
$page_title="New administrator account";
render_header("Setup administrator account", FALSE);
}
else {
set_page_access("admin");
$completed_action="/$THIS_MODULE_PATH/";
$page_title="New account";
render_header();
render_submenu();
}
$invalid_password = FALSE;
$mismatched_passwords = FALSE;
$invalid_username = FALSE;
$weak_password = FALSE;
$invalid_email = FALSE;
if ($SMTP['host'] != "") { $can_send_email = TRUE; } else { $can_send_email = FALSE; }
if (isset($_POST['create_account'])) {
$ldap_connection = open_ldap_connection();
$first_name = stripslashes($_POST['first_name']);
$last_name = stripslashes($_POST['last_name']);
$username = stripslashes($_POST['username']);
$password = $_POST['password'];
if ($_POST['email']) { $email = stripslashes($_POST['email']); }
if ((!is_numeric($_POST['pass_score']) or $_POST['pass_score'] < 3) and $ACCEPT_WEAK_PASSWORDS != TRUE) { $weak_password = TRUE; }
if (isset($email) and !is_valid_email($email)) { $invalid_email = TRUE; }
if (preg_match("/\"|'/",$password)) { $invalid_password = TRUE; }
if ($_POST['password'] != $_POST['password_match']) { $mismatched_passwords = TRUE; }
if (!preg_match("/$USERNAME_REGEX/",$username)) { $invalid_username = TRUE; }
if (isset($_POST['send_email']) and isset($email) and $can_send_email == TRUE) { $send_user_email = TRUE; }
if ( isset($first_name)
and isset($last_name)
and isset($username)
and isset($password)
and !$mismatched_passwords
and !$weak_password
and !$invalid_password
and !$invalid_username
and !$invalid_email) {
$ldap_connection = open_ldap_connection();
$new_account = ldap_new_account($ldap_connection, $first_name, $last_name, $username, $password, $email);
if ($new_account) {
$creation_message = "The account was created.";
if (isset($send_user_email) and $send_user_email == TRUE) {
$mail_subject = "Your $ORGANISATION_NAME account has been created.";
$mail_body = <<<EoT
You've been set up with an account for $ORGANISATION_NAME. Your credentials are:
Username: $username
Password: $password
You should change your password as soon as possible. Log into the account manager at ${SITE_PROTOCOL}${SERVER_HOSTNAME}/log_in using your credentials.
Once logged in you can change your password at ${SITE_PROTOCOL}${SERVER_HOSTNAME}/change_password/
EoT;
include_once "mail_functions.inc.php";
$sent_email = send_email($email,"$first_name $last_name",$mail_subject,$mail_body);
$creation_message = "The account was created";
if ($sent_email) {
$creation_message .= " and an email sent to $email.";
}
else {
$creation_message .= " but unfortunately the email wasn't sent.<br>More information will be available in the logs.";
}
}
if ($admin_setup == TRUE) {
$member_add = ldap_add_member_to_group($ldap_connection, $LDAP['admins_group'], $username);
if (!$member_add) { ?>
<div class="alert alert-warning">
<p class="text-center"><?php print $creation_message; ?>. Unfortunately adding it to the admin group failed.</p>
</div>
<?php
}
}
?>
<div class="alert alert-success">
<p class="text-center"><?php print $creation_message; ?></p>
</div>
<form action='<?php print $completed_action; ?>'>
<p align="center">
<input type='submit' class="btn btn-success" value='Finished'>
</p>
</form>
<?php
render_footer();
exit(0);
}
else {
if (!$new_account) { ?>
<div class="alert alert-warning">
<p class="text-center">Failed to create the account.</p>
</div>
<?php
}
render_footer();
exit(0);
}
}
}
if ($weak_password) { ?>
<div class="alert alert-warning">
<p class="text-center">The password is too weak.</p>
</div>
<?php }
if ($invalid_password) { ?>
<div class="alert alert-warning">
<p class="text-center">The password contained invalid characters.</p>
</div>
<?php }
if ($invalid_email) { ?>
<div class="alert alert-warning">
<p class="text-center">The email address is invalid.</p>
</div>
<?php }
if ($mismatched_passwords) { ?>
<div class="alert alert-warning">
<p class="text-center">The passwords are mismatched.</p>
</div>
<?php }
if ($invalid_username) { ?>
<div class="alert alert-warning">
<p class="text-center">The username is invalid.</p>
</div>
<?php }
render_js_username_generator('first_name','last_name','username','username_div');
render_js_email_generator('username','email');
?>
<script src="//cdnjs.cloudflare.com/ajax/libs/zxcvbn/1.0/zxcvbn.min.js"></script>
<script type="text/javascript" src="/js/zxcvbn-bootstrap-strength-meter.js"></script>
<script type="text/javascript">
$(document).ready(function(){
$("#StrengthProgressBar").zxcvbnProgressBar({ passwordInput: "#password" });
});
</script>
<script type="text/javascript" src="/js/generate_passphrase.js"></script>
<script type="text/javascript" src="/js/wordlist.js"></script>
<script>
function check_passwords_match() {
if (document.getElementById('password').value != document.getElementById('confirm').value ) {
document.getElementById('password_div').classList.add("has-error");
document.getElementById('confirm_div').classList.add("has-error");
}
else {
document.getElementById('password_div').classList.remove("has-error");
document.getElementById('confirm_div').classList.remove("has-error");
}
}
function random_password() {
generatePassword(4,'-','password','confirm');
$("#StrengthProgressBar").zxcvbnProgressBar({ passwordInput: "#password" });
}
function back_to_hidden(passwordField,confirmField) {
var passwordField = document.getElementById(passwordField).type = 'password';
var confirmField = document.getElementById(confirmField).type = 'password';
}
</script>
<script>
function check_email_validity(email) {
var check_regex = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
if (! check_regex.test(email) ) {
document.getElementById("email_div").classList.add("has-error");
<?php if ($can_send_email == TRUE) { ?>document.getElementById("send_email_checkbox").disabled = true;<?php } ?>
}
else {
document.getElementById("email_div").classList.remove("has-error");
<?php if ($can_send_email == TRUE) { ?>document.getElementById("send_email_checkbox").disabled = false;<?php } ?>
}
}
</script>
<div class="container">
<div class="col-sm-8">
<div class="panel panel-default">
<div class="panel-heading text-center"><?php print $page_title; ?></div>
<div class="panel-body text-center">
<form class="form-horizontal" action="" method="post">
<?php if ($admin_setup == TRUE) { ?><input type="hidden" name="setup_admin_account" value="true"><?php } ?>
<input type="hidden" name="create_account">
<input type="hidden" id="pass_score" value="0" name="pass_score">
<div class="form-group">
<label for="first_name" class="col-sm-3 control-label">First name</label>
<div class="col-sm-6">
<input tabindex="1" type="text" class="form-control" id="first_name" name="first_name" <?php if (isset($first_name)){ print " value='$first_name'"; } ?> onkeyup="update_username(); update_email(); check_email_validity(document.getElementById('email').value)">
</div>
</div>
<div class="form-group">
<label for="last_name" class="col-sm-3 control-label">Last name</label>
<div class="col-sm-6">
<input tabindex="3" type="text" class="form-control" id="last_name" name="last_name" <?php if (isset($last_name)){ print " value='$last_name'"; } ?> onkeyup="update_username(); update_email(); check_email_validity(document.getElementById('email').value)">
</div>
</div>
<div class="form-group" id="username_div">
<label for="username" class="col-sm-3 control-label">Username</label>
<div class="col-sm-6">
<input tabindex="3" type="text" class="form-control" id="username" name="username" <?php if (isset($username)){ print " value='$username'"; } ?> onkeyup="check_entity_name_validity(document.getElementById('username').value,'username_div'); update_email(); check_email_validity(document.getElementById('email').value)">
</div>
</div>
<div class="form-group" id="email_div">
<label for="username" class="col-sm-3 control-label">Email</label>
<div class="col-sm-6">
<input tabindex="4" type="text" class="form-control" id="email" name="email" <?php if (isset($email)){ print " value='$email'"; } ?> onkeyup="auto_email_update = false; check_email_validity(document.getElementById('email').value)">
</div>
</div>
<div class="form-group" id="password_div">
<label for="password" class="col-sm-3 control-label">Password</label>
<div class="col-sm-6">
<input tabindex="5" type="text" class="form-control" id="password" name="password" onkeyup="back_to_hidden('password','confirm');">
</div>
<div class="col-sm-1">
<input tabindex="7" type="button" class="btn btn-sm" id="password_generator" onclick="random_password();" value="Generate password">
</div>
</div>
<div class="form-group" id="confirm_div">
<label for="confirm" class="col-sm-3 control-label">Confirm</label>
<div class="col-sm-6">
<input tabindex="6" type="password" class="form-control" id="confirm" name="password_match" onkeyup="check_passwords_match()">
</div>
</div>
<?php if ($can_send_email == TRUE and $admin_setup != TRUE) { ?>
<div class="form-group" id="send_email_div">
<label for="send_email" class="col-sm-3 control-label"> </label>
<div class="col-sm-6">
<input tabindex="8" type="checkbox" class="form-check-input" id="send_email_checkbox" name="send_email" disabled> Email these credentials to the user?
</div>
</div>
<?php } ?>
<div class="form-group">
<button tabindex="9" type="submit" class="btn btn-warning">Create account</button>
</div>
</form>
<div class="progress">
<div id="StrengthProgressBar" class="progress-bar"></div>
</div>
</div>
</div>
</div>
</div>
<?php
render_footer();
?>
Reference in New Issue View Git Blame Copy Permalink