27require
'../main.inc.php';
28require_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
29require_once DOL_DOCUMENT_ROOT.
'/core/lib/security2.lib.php';
31$action =
GETPOST(
'action',
'aZ09');
34$langs->loadLangs(array(
"users",
"admin",
"other"));
41$allow_disable_encryption =
true;
48if ($action ==
'setgeneraterule') {
49 if (!
dolibarr_set_const($db,
'USER_PASSWORD_GENERATED',
GETPOST(
"value",
"alphanohtml"),
'chaine', 0,
'', $conf->entity)) {
54if ($action ==
'activate_encrypt') {
63 dolibarr_set_const($db,
"DATABASE_PWD_ENCRYPTED",
"1",
'chaine', 0,
'', $entityforall);
65 $sql =
"SELECT u.rowid, u.pass, u.pass_crypted";
66 $sql .=
" FROM ".MAIN_DB_PREFIX.
"user as u";
67 $sql .=
" WHERE u.pass IS NOT NULL AND LENGTH(u.pass) < 32";
69 $resql = $db->query($sql);
71 $numrows = $db->num_rows($resql);
73 while ($i < $numrows) {
74 $obj = $db->fetch_object($resql);
76 $sql =
"UPDATE ".MAIN_DB_PREFIX.
"user";
77 $sql .=
" SET pass_crypted = '".dol_hash($obj->pass).
"', pass = NULL";
78 $sql .=
" WHERE rowid=".((int) $obj->rowid);
81 $resql2 = $db->query($sql);
103} elseif ($action ==
'disable_encrypt') {
106 if ($allow_disable_encryption) {
111if ($action ==
'activate_encryptdbpassconf') {
118 header(
"Location: security.php");
123} elseif ($action ==
'disable_encryptdbpassconf') {
130 header(
"Location: security.php");
134 setEventMessages($langs->trans(
'InstrucToClearPass', $langs->transnoentitiesnoconv(
"DatabasePassword")),
null,
'warnings');
138if ($action ==
'activate_MAIN_SECURITY_DISABLEFORGETPASSLINK') {
139 dolibarr_set_const($db,
"MAIN_SECURITY_DISABLEFORGETPASSLINK",
'1',
'chaine', 0,
'', $conf->entity);
140} elseif ($action ==
'disable_MAIN_SECURITY_DISABLEFORGETPASSLINK') {
144if ($action ==
'updatepattern') {
145 $pattern =
GETPOST(
"pattern",
"alpha");
146 $explodePattern = explode(
';', $pattern);
148 $patternInError =
false;
149 if ($explodePattern[0] < 1 || $explodePattern[4] < 0) {
150 $patternInError =
true;
153 if ($explodePattern[0] < $explodePattern[1] + $explodePattern[2] + $explodePattern[3]) {
154 $patternInError =
true;
157 if (!$patternInError) {
158 dolibarr_set_const($db,
"USER_PASSWORD_PATTERN", $pattern,
'chaine', 0,
'', $conf->entity);
160 header(
"Location: security.php");
171$form =
new Form($db);
173$wikihelp =
'EN:Setup_Security|FR:Paramétrage_Sécurité|ES:Configuración_Seguridad';
174llxHeader(
'', $langs->trans(
"Passwords"), $wikihelp);
178print
'<span class="opacitymedium">'.$langs->trans(
"GeneratedPasswordDesc").
"</span><br>\n";
189print
'<form action="'.$_SERVER[
"PHP_SELF"].
'" method="POST">';
190print
'<input type="hidden" name="token" value="'.newToken().
'">';
191print
'<input type="hidden" name="action" value="update">';
192print
'<input type="hidden" name="constname" value="USER_PASSWORD_GENERATED">';
193print
'<input type="hidden" name="consttype" value="yesno">';
196$dir =
"../core/modules/security/generate";
198$handle = opendir($dir);
200if (is_resource($handle)) {
201 while (($file = readdir($handle)) !==
false) {
202 if (preg_match(
'/(modGeneratePass[a-z]+)\.class\.php$/i', $file, $reg)) {
204 $classname = $reg[1];
205 require_once $dir.
'/'.$file;
207 $obj =
new $classname($db, $conf, $langs, $user);
208 $arrayhandler[$obj->id] = $obj;
216print
'<div class="div-table-responsive-no-min">';
217print
'<table class="noborder centpercent">';
218print
'<tr class="liste_titre">';
219print
'<td colspan="2">'.$langs->trans(
"RuleForGeneratedPasswords").
'</td>';
220print
'<td>'.$langs->trans(
"Example").
'</td>';
221print
'<td class="center">'.$langs->trans(
"Activated").
'</td>';
226foreach ($arrayhandler as $key => $module) {
228 if (!empty($module->version) && $module->version ==
'development' &&
getDolGlobalInt(
'MAIN_FEATURES_LEVEL') < 2) {
231 if (!empty($module->version) && $module->version ==
'experimental' &&
getDolGlobalInt(
'MAIN_FEATURES_LEVEL') < 1) {
235 if ($module->isEnabled()) {
236 print
'<tr class="oddeven"><td>';
237 print
img_picto(
'', $module->picto,
'class="width25 size15x"').
' ';
240 print $module->getDescription().
'<br>';
241 print $langs->trans(
"MinLength").
': <span class="opacitymedium">'.$module->length.
'</span>';
245 print
'<td class="nowraponall">';
246 $tmp = $module->getExample();
247 if (preg_match(
'/^Error/', $tmp)) {
248 $langs->load(
"errors");
249 print
'<div class="error">'.$langs->trans($tmp).
'</div>';
250 } elseif ($tmp ==
'NotConfigured') {
251 print
'<span class="opacitymedium">'.$langs->trans($tmp).
'</span>';
253 print
'<span class="opacitymedium">'.$tmp.
'</span>';
257 print
'<td class="center">';
258 if ($conf->global->USER_PASSWORD_GENERATED == $key) {
260 print
img_picto($langs->trans(
"Enabled"),
'switch_on');
262 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=setgeneraterule&token='.newToken().
'&value='.$key.
'">';
264 print
img_picto($langs->trans(
"Disabled"),
'switch_off');
267 print
"</td></tr>\n";
280 print
'<div class="div-table-responsive-no-min">';
281 print
'<table class="noborder centpercent">';
282 print
'<tr class="liste_titre">';
283 print
'<td colspan="2"> '.$langs->trans(
"PasswordPatternDesc").
'</td>';
287 print
'<tr class="oddeven">';
288 print
'<td>'.$langs->trans(
"MinLength").
"</td>";
289 print
'<td><input type="number" value="'.$tabConf[0].
'" id="minlenght" min="1"></td>';
293 print
'<tr class="oddeven">';
294 print
'<td>'.$langs->trans(
"NbMajMin").
"</td>";
295 print
'<td><input type="number" value="'.$tabConf[1].
'" id="NbMajMin" min="0"></td>';
299 print
'<tr class="oddeven">';
300 print
'<td>'.$langs->trans(
"NbNumMin").
"</td>";
301 print
'<td><input type="number" value="'.$tabConf[2].
'" id="NbNumMin" min="0"></td>';
305 print
'<tr class="oddeven">';
306 print
'<td>'.$langs->trans(
"NbSpeMin").
"</td>";
307 print
'<td><input type="number" value="'.$tabConf[3].
'" id="NbSpeMin" min="0"></td>';
311 print
'<tr class="oddeven">';
312 print
'<td>'.$langs->trans(
"NbIteConsecutive").
"</td>";
313 print
'<td><input type="number" value="'.$tabConf[4].
'" id="NbIteConsecutive" min="0"></td>';
317 print
'<tr class="oddeven">';
318 print
'<td>'.$langs->trans(
"NoAmbiCaracAutoGeneration").
"</td>";
319 print
'<td><input type="checkbox" id="NoAmbiCaracAutoGeneration" '.($tabConf[5] ?
"checked" :
"").
' min="0"> <label for="NoAmbiCaracAutoGeneration" id="textcheckbox">'.($tabConf[5] ? $langs->trans(
"Activated") : $langs->trans(
"Disabled")).
'</label></td>';
324 print
'<div class="center">';
325 print
'<a class="button button-save" id="linkChangePattern">'.$langs->trans(
"Save").
'</a>';
330 print
'<script type="text/javascript">';
331 print
' function getStringArg(){';
332 print
' var pattern = "";';
333 print
' pattern += $("#minlenght").val() + ";";';
334 print
' pattern += $("#NbMajMin").val() + ";";';
335 print
' pattern += $("#NbNumMin").val() + ";";';
336 print
' pattern += $("#NbSpeMin").val() + ";";';
337 print
' pattern += $("#NbIteConsecutive").val() + ";";';
338 print
' pattern += $("#NoAmbiCaracAutoGeneration")[0].checked ? "1" : "0";';
339 print
' return pattern;';
342 print
' function valuePossible(){';
343 print
' var fields = ["#minlenght", "#NbMajMin", "#NbNumMin", "#NbSpeMin", "#NbIteConsecutive"];';
344 print
' for(var i = 0 ; i < fields.length ; i++){';
345 print
' if($(fields[i]).val() < $(fields[i]).attr("min")){';
346 print
' return false;';
350 print
' var length = parseInt($("#minlenght").val());';
351 print
' var length_mini = parseInt($("#NbMajMin").val()) + parseInt($("#NbNumMin").val()) + parseInt($("#NbSpeMin").val());';
352 print
' return length >= length_mini;';
355 print
' function generatelink(){';
356 print
' return "security.php?action=updatepattern&token='.newToken().
'&pattern="+getStringArg();';
359 print
' function valuePatternChange(){';
360 print
' console.log("valuePatternChange");';
361 print
' var lang_save = "'.$langs->trans(
"Save").
'";';
362 print
' var lang_error = "'.$langs->trans(
"Error").
'";';
363 print
' var lang_Disabled = "'.$langs->trans(
"Disabled").
'";';
364 print
' var lang_Activated = "'.$langs->trans(
"Activated").
'";';
365 print
' $("#textcheckbox").html($("#NoAmbiCaracAutoGeneration")[0].checked ? unescape(lang_Activated) : unescape(lang_Disabled));';
366 print
' if(valuePossible()){';
367 print
' $("#linkChangePattern").attr("href",generatelink()).text(lang_save);';
370 print
' $("#linkChangePattern").attr("href", null).text(lang_error);';
374 print
' $("#minlenght").change(function(){valuePatternChange();});';
375 print
' $("#NbMajMin").change(function(){valuePatternChange();});';
376 print
' $("#NbNumMin").change(function(){valuePatternChange();});';
377 print
' $("#NbSpeMin").change(function(){valuePatternChange();});';
378 print
' $("#NbIteConsecutive").change(function(){valuePatternChange();});';
379 print
' $("#NoAmbiCaracAutoGeneration").change(function(){valuePatternChange();});';
388print
'<form method="post" action="'.$_SERVER[
"PHP_SELF"].
'">';
389print
'<input type="hidden" name="token" value="'.newToken().
'">';
390print
'<input type="hidden" name="action" value="encrypt">';
392print
'<table class="noborder centpercent">';
393print
'<tr class="liste_titre">';
394print
'<td colspan="3">'.$langs->trans(
"Parameters").
'</td>';
395print
'<td class="center">'.$langs->trans(
"Activated").
'</td>';
396print
'<td class="center"></td>';
400print
'<tr class="oddeven">';
401print
'<td colspan="3">'.$langs->trans(
"DoNotStoreClearPassword").
'</td>';
402print
'<td class="center" width="60">';
404 print
img_picto($langs->trans(
"Active"),
'tick');
408 print
'<td class="center" width="100">';
409 print
'<a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?action=activate_encrypt&token='.newToken().
'">'.$langs->trans(
"Activate").
'</a>';
415 print
'<td class="center" width="100">';
416 if ($allow_disable_encryption) {
419 print
'<a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?action=disable_encrypt&token='.newToken().
'">'.$langs->trans(
"Disable").
'</a>';
431print
'<tr class="oddeven">';
432print
'<td colspan="3">'.$langs->trans(
"MainDbPasswordFileConfEncrypted").
'</td>';
433print
'<td align="center" width="60">';
434if (preg_match(
'/crypted:/i', $dolibarr_main_db_pass) || !empty($dolibarr_main_db_encrypted_pass)) {
435 print
img_picto($langs->trans(
"Active"),
'tick');
440print
'<td class="center" width="100">';
441if (empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) {
442 $langs->load(
"errors");
443 print
img_warning($langs->trans(
"WarningPassIsEmpty"));
445 if (empty($dolibarr_main_db_encrypted_pass)) {
446 print
'<a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?action=activate_encryptdbpassconf&token='.newToken().
'">'.$langs->trans(
"Activate").
'</a>';
448 if (!empty($dolibarr_main_db_encrypted_pass)) {
449 print
'<a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?action=disable_encryptdbpassconf&token='.newToken().
'">'.$langs->trans(
"Disable").
'</a>';
460print
'<tr class="oddeven">';
461print
'<td colspan="3">'.$langs->trans(
"DisableForgetPasswordLinkOnLogonPage").
'</td>';
462print
'<td class="center" width="60">';
464 print
img_picto($langs->trans(
"Active"),
'tick');
468 print
'<td class="center" width="100">';
469 print
'<a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?action=activate_MAIN_SECURITY_DISABLEFORGETPASSLINK&token='.newToken().
'">'.$langs->trans(
"Activate").
'</a>';
473 print
'<td center="center" width="100">';
474 print
'<a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?action=disable_MAIN_SECURITY_DISABLEFORGETPASSLINK&token='.newToken().
'">'.$langs->trans(
"Disable").
'</a>';
487if (
GETPOST(
'info',
'int') > 0) {
488 if (function_exists(
'password_hash')) {
489 print $langs->trans(
"Note: The function password_hash exists on your PHP").
"<br>\n";
491 print $langs->trans(
"Note: The function password_hash does not exists on your PHP").
"<br>\n";
493 print
'MAIN_SECURITY_HASH_ALGO = '.getDolGlobalString(
'MAIN_SECURITY_HASH_ALGO').
"<br>\n";
494 print
'MAIN_SECURITY_SALT = '.getDolGlobalString(
'MAIN_SECURITY_SALT').
"<br>\n";
security_prepare_head()
Prepare array with list of tabs.
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
dolibarr_del_const($db, $name, $entity=1)
Delete a constant.
if(!defined('NOREQUIRESOC')) if(!defined( 'NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined( 'NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined( 'NOREQUIREAJAX')) llxHeader()
Empty header.
load_fiche_titre($titre, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='')
Load a title with picto.
img_warning($titlealt='default', $moreatt='', $morecss='pictowarning')
Show warning logo.
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='', $dragdropfile=0)
Show tabs of a record.
dol_print_error($db='', $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
getDolGlobalInt($key, $default=0)
Return a Dolibarr global constant int value.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=false, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever it's its name (generic function)
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0)
Set event messages in dol_events session object.
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
encodedecode_dbpassconf($level=0)
Encode or decode database password in config file.
dol_encode($chain, $key='1')
Encode a string with base 64 algorithm + specific delta change.
dol_hash($chain, $type='0', $nosalt=0)
Returns a hash (non reversible encryption) of a string.
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.