Overview

Packages

  • None
  • Passwd

Classes

  • Passwd
  • Passwd_Driver
  • Passwd_Driver_Adsi
  • Passwd_Driver_Composite
  • Passwd_Driver_Expect
  • Passwd_Driver_Expectpecl
  • Passwd_Driver_Horde
  • Passwd_Driver_Http
  • Passwd_Driver_Kolab
  • Passwd_Driver_Ldap
  • Passwd_Driver_Pine
  • Passwd_Driver_Poppassd
  • Passwd_Driver_Procopen
  • Passwd_Driver_Pspasswd
  • Passwd_Driver_Servuftp
  • Passwd_Driver_Smbldap
  • Passwd_Driver_Smbpasswd
  • Passwd_Driver_Soap
  • Passwd_Driver_Sql
  • Passwd_Driver_Vmailmgr
  • Passwd_Driver_Vpopmail
  • Passwd_Exception
  • Passwd_Factory_Driver
  • Overview
  • Package
  • Class
  • Tree
 1: <?php
 2: /**
 3:  * The Kolab class attempts to change a user's password on the designated Kolab
 4:  * backend. Based off the LDAP passwd class.
 5:  *
 6:  * Copyright 2005-2012 Horde LLC (http://www.horde.org/)
 7:  *
 8:  * See the enclosed file COPYING for license information (GPL). If you
 9:  * did not receive this file, see http://www.horde.org/licenses/gpl.php.
10:  *
11:  * @todo Extend Passwd_Driver_Ldap, inject parameters.
12:  *
13:  * @author  Stuart Bingë <skbinge@gmail.com>
14:  * @package Passwd
15:  */
16: class Passwd_Driver_Kolab extends Passwd_Driver
17: {
18:     /**
19:      * Changes the user's password.
20:      *
21:      * @param string $username      The user for which to change the password.
22:      * @param string $old_password  The old (current) user password.
23:      * @param string $new_password  The new user password to set.
24:      *
25:      * @throws Passwd_Exception
26:      */
27:     public function changePassword($username, $old_password, $new_password)
28:     {
29:         // Connect to the LDAP server.
30:         $ds = ldap_connect(
31:             $GLOBALS['conf']['kolab']['ldap']['server'],
32:             $GLOBALS['conf']['kolab']['ldap']['port']
33:         );
34:         if (!$ds) {
35:             throw new Passwd_Exception(_("Could not connect to LDAP server"));
36:         }
37: 
38:         ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
39: 
40:         // Bind anonymously, or use the phpdn user if available.
41:         if (!empty($GLOBALS['conf']['kolab']['ldap']['phpdn'])) {
42:             $phpdn = $GLOBALS['conf']['kolab']['ldap']['phpdn'];
43:             $phppw = $GLOBALS['conf']['kolab']['ldap']['phppw'];
44:             $result = @ldap_bind($ds, $phpdn, $phppw);
45:         } else {
46:             $result = @ldap_bind($ds);
47:         }
48:         if (!$result) {
49:             throw new Passwd_Exception(_("Could not bind to LDAP server"));
50:         }
51: 
52:         // Make sure we're using the full user@domain format.
53:         if (strstr($username, '@') === false) {
54:             $username .= '@' . $GLOBALS['conf']['kolab']['imap']['maildomain'];
55:         }
56: 
57:         // Find the user's DN.
58:         $result = ldap_search(
59:             $ds,
60:             $GLOBALS['conf']['kolab']['ldap']['basedn'],
61:             "mail=$username"
62:         );
63:         $entry = ldap_first_entry($ds, $result);
64:         if ($entry === false) {
65:             throw new Passwd_Exception(_("User not found."));
66:         }
67: 
68:         $userdn = ldap_get_dn($ds, $entry);
69: 
70:         // Connect as the user.
71:         $result = @ldap_bind($ds, $userdn, $old_password);
72:         if (!$result) {
73:             throw new Passwd_Exception(_("Incorrect old password."));
74:         }
75: 
76:         // And finally change the password.
77:         $new_details['userPassword'] = '{sha}' .
78:             base64_encode(pack('H*', sha1($new_password)));
79: 
80:         if (!ldap_mod_replace($ds, $userdn, $new_details)) {
81:             throw new Passwd_Exception(ldap_error($ds));
82:         }
83: 
84:         ldap_unbind($ds);
85:     }
86: }
87: 
API documentation generated by ApiGen