Added administrative password change feature

master
Thomas Hooge 12 months ago
parent 4266a211e0
commit c76e8fe9d3
  1. BIN
      images/key_add.png
  2. 1
      lang/de.php
  3. 1
      lang/en.php
  4. 6
      tpl/useredit.tpl
  5. 24
      tpl/userview.tpl
  6. 33
      user.php

Binary file not shown.

After

Width:  |  Height:  |  Size: 703 B

@ -42,6 +42,7 @@ $lang = array(
'lang_logout' => 'Abmelden',
'lang_options' => 'Optionen',
'lang_option_none' => '(kein)',
'lang_pass_set' => 'Neues Kennwort einstellen',
'lang_reset' => 'Zurücksetzen',
'lang_search' => 'Suche',
'lang_statistics' => 'Statistik',

@ -42,6 +42,7 @@ $lang = array(
'lang_logout' => 'Logout',
'lang_options' => 'Options',
'lang_option_none' => '(none)',
'lang_pass_set' => 'Set new password',
'lang_reset' => 'Reset',
'lang_search' => 'Search',
'lang_statistics' => 'Statistics',

@ -60,7 +60,7 @@
{$lang_user_role_add}
</td>
<td class="value">
<img src="images/page_add.png" alt="[Add]">
<img src="images/add.png" alt="[Add]">
<input type="checkbox" name="role_add" {if in_array('add', $user->role)} checked="checked"{/if}
</td>
</tr>
@ -69,7 +69,7 @@
{$lang_user_role_edit}
</td>
<td class="value">
<img src="images/page_edit.png" alt="[Edit]">
<img src="images/edit.png" alt="[Edit]">
<input type="checkbox" name="role_edit" {if in_array('edit', $user->role)} checked="checked"{/if}
</td>
</tr>
@ -79,7 +79,7 @@
{$lang_user_role_delete}
</td>
<td class="value">
<img src="images/page_delete.png" alt="[Delete]">
<img src="images/delete.png" alt="[Delete]">
<input type="checkbox" name="role_delete" {if in_array('delete', $user->role)} checked="checked"{/if}
</td>
</tr>

@ -50,13 +50,13 @@
</td>
<td class="value">
{if in_array('add', $user->role)}
<img src="images/page_add.png" alt="{$lang_user_role_add}"{if $suser_tooltips} title="{$lang_user_role_add}"{/if} />
<img src="images/add.png" alt="{$lang_user_role_add}"{if $suser_tooltips} title="{$lang_user_role_add}"{/if} />
{/if}
{if in_array('edit', $user->role)}
<img src="images/page_edit.png" alt="{$lang_user_role_edit}"{if $suser_tooltips} title="{$lang_user_role_edit}"{/if} />
<img src="images/edit.png" alt="{$lang_user_role_edit}"{if $suser_tooltips} title="{$lang_user_role_edit}"{/if} />
{/if}
{if in_array('delete', $user->role)}
<img src="images/page_delete.png" alt="{$lang_user_role_delete}"{if $suser_tooltips} title="{$lang_user_role_delete}"{/if} />
<img src="images/delete.png" alt="{$lang_user_role_delete}"{if $suser_tooltips} title="{$lang_user_role_delete}"{/if} />
{/if}
{if in_array('manage', $user->role)}
<img src="images/manage.png" alt="{$lang_user_role_manage}"{if $suser_tooltips} title="{$lang_user_role_manage}"{/if} />
@ -66,4 +66,22 @@
{/if}
</td>
</tr>
{if $suser_manage}
<tr>
<td class="label">
{if $newpass}
{$lang_options_newpassword1}
{else}
{$lang_pass_set}
{/if}
</td>
<td class="value">
{if $newpass}
{$newpass}
{else}
<a href="{$g_scriptname}?f=pass&amp;id={$user->id}"><img src="images/key_add.png" alt="{$lang_reset}"{if $suser_tooltips} title="{$lang_pass_set}"{/if} /></a>
{/if}
</td>
</tr>
{/if}
</table>

@ -18,6 +18,23 @@ if (isset($_REQUEST['id'])) {
$id = (int) $_REQUEST['id'] or $id = 0;
}
function makepwd($length) {
mt_srand((double) microtime() * 1000000);
$digits = "0123456789";
$chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
$umlauts = "ÄÖÜäöüß";
$specials = "!§$%&/()=?[]{}+~*#.,;:<>|";
$vocals = "AEIOUaeiou";
$consonants = "BCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz";
$passwd = '';
$possible = $chars . $digits;
$l = strlen($possible)-1;
for ($k = 0; $k < $length; $k += 1) {
$passwd .= $possible[mt_rand(0, $l)];
}
return $passwd;
}
// ========== ACTIONS START ===================================================
switch ($submit = form_get_action()) {
@ -28,6 +45,22 @@ switch ($submit = form_get_action()) {
case 'edit': $action = ACT_EDIT; break;
case 'del': $action = ACT_DELETE; break;
case 'pass':
// Create new random password to display once
$newpass = makepwd(8);
$sql = "UPDATE user SET user_pass=:pass WHERE user_id=:id";
$sth = $dbh->prepare($sql);
$sth->bindValue(':id', $id, PDO::PARAM_INT);
$sth->bindValue(':pass', password_hash($newpass, PASSWORD_BCRYPT), PDO::PARAM_STR);
try {
$sth->execute();
} catch (PDOException $e) {
$g_warning->Add($e->getMessage());
}
$smarty->assign('newpass', $newpass);
$action = ACT_VIEW;
break;
case 'insert':
$user_name = strtolower(sanitize($_POST['user_name']));
$user_displayname = sanitize($_POST['user_displayname']);