00001 <?php
// Pseudo project id that marks the global administration area
// (show() compares the session project's id against it).
define( 'PROJECTID_ADMIN', -1 );
00024
00032 class IndexAction extends Action
00033 {
00034 var $mustChangePassword = false;
00035
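/**
 * Opens the configured database with the given id and stores the
 * connection object in the session.
 *
 * Terminates the request if the id is not a configured database.
 *
 * @param string $dbid key below $conf['database']
 */
function setDb( $dbid )
{
    global $conf;

    // $conf['database'] also holds scalar entries such as 'default', so an
    // existing key is not enough: the entry must be a configuration array.
    if ( !isset($conf['database'][$dbid]) || !is_array($conf['database'][$dbid]) )
    {
        // $dbid may come straight from the request (see checkForDb()), so it
        // is HTML-escaped before it is echoed into the error output.
        die( 'unknown DB-Id: '.htmlspecialchars((string)$dbid,ENT_QUOTES) );
    }

    // NOTE(review): the 'enabled' flag that showlogin() uses to build the
    // database list is not checked here - confirm whether a disabled
    // database should be selectable through the request.
    $db = new DB( $conf['database'][$dbid] );
    $db->id = $dbid;
    Session::setDatabase( $db );
}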
00047
00048
00049
/**
 * Switches to the database named by the request parameter 'dbid'.
 * Does nothing when the parameter is empty.
 */
function checkForDb()
{
    global $conf;

    $requestedDbId = $this->getRequestVar('dbid');

    if ( $requestedDbId == '' )
        return;

    // The id is request-controlled; setDb() decides whether it is known.
    $this->setDb( $requestedDbId );
}
00058
00059
00060
/**
 * Opens the database configured as $conf['database']['default'].
 * Terminates the request if no default is configured.
 */
function setDefaultDb()
{
    global $conf;

    if ( isset($conf['database']['default']) )
    {
        $this->setDb( $conf['database']['default'] );
        return;
    }

    die('default-database not set');
}
00071
00072
00073
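/**
 * Checks a user's credentials and, on success, makes that user the
 * current user.
 *
 * When User::checkPassword() flags the account with mustChangePassword,
 * the login only succeeds if a valid new password is passed in $pw1/$pw2.
 *
 * $pw1 and $pw2 are optional because show() calls this method with
 * name and password only (HTTP authentication).
 *
 * @param string $name login name
 * @param string $pw   current password
 * @param string $pw1  new password, only used for a forced password change
 * @param string $pw2  repetition of the new password
 * @return bool true if the user has been logged in
 */
function checkLogin( $name,$pw,$pw1='',$pw2='' )
{
    // NOTE(review): $name is request-controlled and written to the log
    // unfiltered; confirm that Logger neutralises line breaks.
    Logger::debug( "login user $name" );

    global $conf;
    global $SESS;

    // Drop any user left over in the session before checking anything.
    unset( $SESS['user'] );

    $db = db_connection();

    if ( !$db->available )
    {
        $this->addNotice('database',$db->conf['comment'],'DATABASE_CONNECTION_ERROR',OR_NOTICE_ERROR,array(),array('Database Error: '.$db->error));
        $this->callSubAction('showlogin');
        return false;
    }

    $user = new User();
    $user->name = $name;

    $ok = $user->checkPassword( $pw );

    $this->mustChangePassword = $user->mustChangePassword;

    if ( $this->mustChangePassword )
    {
        if ( empty($pw1) )
        {
            // No new password given: the result of checkPassword() stands.
        }
        elseif ( (string)$pw1 !== (string)$pw2 )
        {
            // Strict string comparison: a loose != treats numeric-looking
            // strings such as '1e3' and '1000' as equal.
            $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH');
            $this->addValidationError('password2','');
        }
        elseif ( strlen($pw2) < $conf['security']['password']['min_length'] )
        {
            $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length']));
            $this->addValidationError('password2','');
        }
        else
        {
            // NOTE(review): this branch grants the login without looking at
            // $ok. That is only safe if checkPassword() sets
            // mustChangePassword exclusively after the old password has
            // been verified - confirm in User::checkPassword().
            $user->setPassword( $pw1,true );

            $ok = true;
            $this->mustChangePassword = false;
            $user->mustChangePassword = false;
        }
    }

    if ( !$ok )
    {
        Logger::info( "login for user $name failed" );
        return false;
    }

    // Load the remaining user data and make this user the current one.
    $user->load();
    $user->setCurrent();

    Logger::info( 'login successful' );

    return true;
}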
00153
00154
00155
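/**
 * Prepares the login form.
 *
 * Before the form is built, two automatic logins are attempted:
 * - single sign-on: an authorization id from the request is sent to the
 *   configured SSO URL and the user name is extracted from the response;
 * - trusted SSL client certificates: the user name is read from an
 *   environment variable.
 * Both end by making the user current and calling the sub action 'show'.
 */
function showlogin()
{
    global $conf;
    $sso = $conf['security']['sso'];
    $ssl = $conf['security']['ssl'];

    // Defaults; extract() overwrites them with the keys of the ssl
    // configuration section, prefixed with 'ssl_'.
    $ssl_trust    = false;
    $ssl_user_var = '';
    extract( $ssl, EXTR_PREFIX_ALL, 'ssl' );

    if ( $sso['enable'] )
    {
        $authid = $this->getRequestVar( $sso['auth_param_name']);

        if ( empty( $authid) )
            die( 'no authorization data (no auth-id)');

        // SECURITY NOTE(review): $authid is request data. unserialize() on
        // untrusted input can instantiate arbitrary loaded classes (PHP
        // object injection). Keep 'auth_param_serialized' switched off
        // unless the parameter is integrity-protected, or move to a
        // data-only encoding such as JSON.
        if ( $sso['auth_param_serialized'] )
            $authid = unserialize( $authid );

        $purl = parse_url($sso['url']);

        // NOTE(review): the check always uses port 80 without TLS, so the
        // authorization data and the response travel unprotected between
        // this server and the SSO server.
        $errno=0; $errstr='';
        $fp = fsockopen ($purl['host'],80, $errno, $errstr, 30);
        if ( !$fp )
        {
            // The SSO check could not be performed; execution continues
            // with the regular login form below.
            echo "Connection failed: $errstr ($errno)";
        }
        else
        {
            $http_get = $purl['path'];
            if ( !empty($purl['query']) )
                $http_get .= '?'.$purl['query'];

            $header = array();

            $header[] = "GET $http_get HTTP/1.0";
            $header[] ="Host: ".$purl['host'];
            $header[] = "User-Agent: Mozilla/5.0 (OpenRat CMS Single Sign-on Check)";
            $header[] = "Connection: Close";

            if ( $sso['cookie'] )
            {
                $cookie = 'Cookie: ';
                if ( is_array($authid))
                {
                    foreach( $authid as $cookiename=>$cookievalue)
                    {
                        // Request data goes into a raw HTTP header: line
                        // breaks would let the client add header lines.
                        if ( preg_match('/[\r\n]/',$cookiename.$cookievalue) )
                            die('auth failed');

                        $cookie .= $cookiename.'='.$cookievalue."; ";
                    }
                }
                else
                {
                    if ( preg_match('/[\r\n]/',$authid) )
                        die('auth failed');

                    $cookie .= $sso['cookie_name'].'='.$authid;
                }

                $header[] = $cookie;
            }

            fputs ($fp, implode("\r\n",$header)."\r\n\r\n");

            // Read the complete response (headers and body).
            $responseLines = array();
            while (!feof($fp)) {
                $responseLines[] = fgets($fp,128);
            }
            fclose($fp);

            $html = implode('',$responseLines);

            if ( !preg_match($sso['expect_regexp'],$html) )
                die('auth failed');

            $matches = array();
            if ( !preg_match($sso['username_regexp'],$html,$matches) )
                die('auth failed');
            if ( !isset($matches[1]) )
                die('auth failed');

            $username = $matches[1];

            $this->setDefaultDb();

            $user = User::loadWithName( $username );

            // The name stems from the remote response: escape it for output.
            if ( ! $user->isValid( ))
                die('auth failed: user not found: '.htmlspecialchars($username,ENT_QUOTES));

            $user->setCurrent();

            $this->callSubAction('show');
        }
    }

    elseif ( $ssl_trust )
    {
        if ( empty($ssl_user_var) )
            die( 'please set environment variable name in ssl-configuration.' );

        $username = getenv( $ssl_user_var );

        if ( empty($username) )
            die( 'no username in client certificate ('.$ssl_user_var.') (or there is no client certificate...?)' );

        $this->setDefaultDb();

        $user = User::loadWithName( $username );

        // Certificate contents are chosen by the client: escape for output.
        if ( !$user->isValid() )
            die( 'unknown username: '.htmlspecialchars($username,ENT_QUOTES) );

        $user->setCurrent();

        $this->callSubAction('show');
    }

    // List of all enabled databases for the selection box. Initialised
    // here so the template variable is defined even if none is enabled.
    $dbids = array();
    foreach( $conf['database'] as $dbname=>$dbconf )
    {
        if ( is_array($dbconf) && $dbconf['enabled'] )
            $dbids[$dbname] = array('key'  =>$dbname,
                                    'value'=>Text::maxLength($dbconf['comment']),
                                    'title'=>$dbconf['comment'].' ('.$dbconf['host'].')' );
    }

    if ( !isset($this->templateVars['login_name']) )
        $this->setTemplateVar('login_name',@$conf['security']['default']['username']);

    // NOTE(review): a configured default password is handed to the login
    // template here and would be visible to every visitor of the form;
    // only acceptable on demo installations.
    if ( $this->templateVars['login_name']== @$conf['security']['default']['username'])
        $this->setTemplateVar('login_password',@$conf['security']['default']['password']);

    $this->setTemplateVar( 'dbids',$dbids );

    $db = Session::getDatabase();
    if ( is_object($db) )
        $this->setTemplateVar('actdbid',$db->id);
    elseif( isset($this->templateVars['actid']) )
        ; // NOTE(review): tests 'actid', sets 'actdbid' elsewhere - possibly a typo, confirm.
    else
        $this->setTemplateVar('actdbid',$conf['database']['default']);

    // If the user name is dictated by the SSL client certificate, it is
    // passed to the template as a fixed value.
    $ssl_user_var = $conf['security']['ssl']['user_var'];
    if ( !empty($ssl_user_var) )
    {
        $username = getenv( $ssl_user_var );

        if ( empty($username) )
        {
            echo lang('ERROR_LOGIN_BROKEN_SSL_CERT');
            Logger::warn( 'no username in SSL client certificate (var='.$ssl_user_var.').' );
            exit;
        }

        $this->setTemplateVar('force_username',$username);
    }

    $this->setTemplateVar('register'     ,$conf['login']['register'     ]);
    $this->setTemplateVar('send_password',$conf['login']['send_password']);

    // The login message is shown once and then cleared.
    $this->setTemplateVar('loginmessage',$this->getSessionVar('loginmessage'));
    $this->setSessionVar('loginmessage','');
}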
00318
00319
00320
/**
 * Builds the list of projects the current user may open and passes it
 * to the template as 'projects'.
 */
function projectmenu()
{
    $user = Session::getUser();

    if ( $user->mustChangePassword )
    {
        $this->addNotice( 'user',$user->name,'PASSWORD_TIMEOUT','warn' );
        $this->callSubAction( 'changepassword' );
    }

    // The page content depends on the time of login.
    $this->lastModified( $user->loginDate );

    $projectList = array();

    foreach( $user->projects as $projectId=>$projectName )
    {
        $entry = array( 'url' =>Html::url('index','project',$projectId),
                        'name'=>$projectName,
                        'id'  =>$projectId );

        // Models and languages are offered per project in the menu.
        $project = new Project( $projectId );
        $entry['defaultmodelid'   ] = $project->getDefaultModelId();
        $entry['defaultlanguageid'] = $project->getDefaultLanguageId();
        $entry['models'           ] = $project->getModels();
        $entry['languages'        ] = $project->getLanguages();

        $projectList[] = $entry;
    }

    $this->setTemplateVar('projects',$projectList);

    if ( empty($projectList) )
    {
        // Administrators get a different hint than ordinary users.
        $noticeKey = $this->userIsAdmin() ? 'ADMIN_NO_PROJECTS_AVAILABLE' : 'NO_PROJECTS_AVAILABLE';
        $this->addNotice('','',$noticeKey,OR_NOTICE_WARN);
    }

    $this->metaValues();
}
00374
00375
00376
/**
 * Builds the list of configured external applications that the current
 * user may see and passes it to the template as 'applications'.
 */
function applications()
{
    global $conf;

    $user       = Session::getUser();
    $userGroups = $user->getGroups();
    $this->lastModified( $user->loginDate );

    $appList = array();

    foreach( $conf['applications'] as $appConfig )
    {
        if ( !is_array($appConfig) )
            continue;

        // An application bound to a group is only listed for its members.
        if ( isset($appConfig['group']) && !in_array($appConfig['group'],$userGroups) )
            continue;

        $entry = array( 'url'        =>$appConfig['url'],
                        'description'=>@$appConfig['description'] );

        if ( isset($appConfig['param']) )
        {
            // NOTE(review): the session id is appended to the application
            // URL. Ids in URLs end up in logs, browser history and
            // Referer headers, so the target must be trusted and reached
            // over TLS.
            $separator     = strpos($entry['url'],'?')!==false ? '&' : '?';
            $entry['url'] .= $separator;
            $entry['url'] .= $appConfig['param'].'='.session_id();
        }

        $entry['name'] = $appConfig['name'];

        $appList[] = $entry;
    }

    $this->metaValues();
    $this->setTemplateVar('applications',$appList);
}
00417
00418
00419
/**
 * Collects the navigation links (projects, administration, external
 * applications, model/language variants, start pages) and passes them to
 * the template as 'metaList'. Each entry has the keys name, url, title.
 */
function metaValues()
{
    global $conf;
    $links = array();

    $user = Session::getUser();
    if ( is_object($user) )
    {
        // One link per project of the user.
        foreach( $user->projects as $projectId=>$projectName )
        {
            $links[] = array( 'name' =>'chapter',
                              'url'  =>Html::url('index','project',$projectId),
                              'title'=>$projectName );
        }

        if ( $this->userIsAdmin() )
        {
            $links[] = array( 'name' =>'appendix',
                              'url'  =>Html::url('index','projectmenu',0 ),
                              'title'=>lang('MENU_TREETITLE_ADMINISTRATION' ) );

            $links[] = array( 'name' =>'chapter',
                              'url'  =>Html::url('index','administration',0),
                              'title'=>lang('administration') );
        }

        // External applications.
        // NOTE(review): unlike applications(), no 'group' restriction is
        // applied here, so all configured applications are linked -
        // confirm that this is intended.
        foreach( $conf['applications'] as $appConfig )
        {
            if ( !is_array($appConfig) )
                continue;

            $appUrl = $appConfig['url'];
            if ( isset($appConfig['param']) )
            {
                // NOTE(review): session id is exposed in the URL, see the
                // same construct in applications().
                $separator = strpos($appUrl,'?')!==false ? '&' : '?';
                $appUrl   .= $separator;
                $appUrl   .= $appConfig['param'].'='.session_id();
            }

            $links[] = array( 'name' =>'bookmark',
                              'url'  =>$appUrl,
                              'title'=>$appConfig['name'] );
        }
    }

    $project = Session::getProject();
    if ( is_object($project) && $project->projectid > 0 )
    {
        $languages = $project->getLanguages();

        // One link for every combination of model and language.
        foreach( $project->getModels() as $modelid=>$modelname )
        {
            foreach( $languages as $languageid=>$languagename )
            {
                $variantUrl = Html::url( 'index',
                                         'project',
                                         $project->projectid,
                                         array('languageid'=>$languageid,
                                               'modelid'   =>$modelid) );

                $links[] = array( 'name' =>'subsection',
                                  'url'  =>$variantUrl,
                                  'title'=>$modelname.' - '.$languagename );
            }
        }
    }

    $logoUrl = $conf['login']['logo']['url'];
    $links[] = array( 'name' =>'author',
                      'url'  =>$logoUrl,
                      'title'=>$logoUrl );

    $links[] = array( 'name' =>'top',
                      'url'  =>Html::url('index','logout',0 ),
                      'title'=>'Start' );

    $links[] = array( 'name' =>'contents',
                      'url'  =>Html::url('index','projectmenu',0 ),
                      'title'=>lang('MENU_TREETITLE_PROJECTMENU' ) );

    $this->setTemplateVar('metaList',$links);
}
00508
00509
00510
/**
 * Completes an OpenID login: verifies the authentication result, maps
 * the identity to a local user (creating or updating it if configured)
 * and makes that user the current one.
 */
function openid()
{
    global $conf;
    $openId = new OpenId();

    if ( !$openId->checkAuthentication() )
    {
        $this->addNotice('user',$openId->user,'LOGIN_OPENID_FAILED',OR_NOTICE_ERROR,array('name'=>$openId->user),array($openId->error) );
        $this->addValidationError('openid_url','');
        $this->callSubAction('showlogin');
        return;
    }

    $username = $openId->getUserFromIdentiy();
    $user     = User::loadWithName( $username );

    if ( !($user->userid <=0) )
    {
        // Known user: optionally refresh name and mail from the provider.
        if ( @$conf['security']['openid']['update_user'])
        {
            $user->fullname = $openId->info['fullname'];
            $user->mail     = $openId->info['email'];
            $user->save();
        }
    }
    elseif ( $conf['security']['openid']['add'])
    {
        // Unknown user and automatic creation is enabled.
        // NOTE(review): every identity the provider confirms gets a local
        // account here; which providers are accepted is decided inside
        // OpenId and is not visible in this method.
        $user->name = $username;
        $user->add();

        $user->mail     = $openId->info['email'];
        $user->fullname = $openId->info['fullname'];
        $user->save();
    }
    else
    {
        // Unknown user and no automatic creation: login is refused.
        $this->addNotice('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) );
        $this->addValidationError('openid_url','');
        $this->callSubAction('showlogin');
        return;
    }

    $user->setCurrent();
}
00575
00576
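/**
 * Processes the login form.
 *
 * Either starts an OpenID login (request parameter 'openid_url') or
 * checks name and password. After a failed attempt the login form is
 * shown again; after a successful one the start project, language and
 * model are stored in the session.
 */
function login()
{
    global $conf;

    $this->checkForDb();
    Session::setUser('');

    if ( $conf['login']['nologin'] )
        die('login disabled');

    $openid_user   = $this->getRequestVar('openid_url'    );
    $loginName     = $this->getRequestVar('login_name'    );
    $loginPassword = $this->getRequestVar('login_password');
    $newPassword1  = $this->getRequestVar('password1'     );
    $newPassword2  = $this->getRequestVar('password2'     );

    if ( !empty($openid_user) )
    {
        $openId = new OpenId($openid_user);

        if ( ! $openId->login() )
        {
            $this->addNotice('user',$openid_user,'LOGIN_OPENID_FAILED','error',array('name'=>$openid_user),array($openId->error) );
            $this->addValidationError('openid_url','');
            $this->callSubAction('showlogin');
            return;
        }

        $openId->redirect();
        die('Unreachable Code.');
    }

    // The navigation tree is only shown on sufficiently wide screens.
    Session::set('showtree',intval($this->getRequestVar('screenwidth')) > $conf['interface']['min_width'] );

    $loginOk = $this->checkLogin( $loginName,
                                  $loginPassword,
                                  $newPassword1,
                                  $newPassword2 );

    if ( !$loginOk )
    {
        // Fixed delay after every failed attempt to slow down guessing.
        // NOTE(review): no per-account or per-address attempt limit is
        // visible in this file.
        sleep(3);

        if ( $this->mustChangePassword )
        {
            // Password was accepted but must be changed before login.
            $this->addNotice('user',$loginName,'LOGIN_FAILED_MUSTCHANGEPASSWORD','error' );
            $this->addValidationError('password1','');
            $this->addValidationError('password2','');
        }
        else
        {
            $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$this->getRequestVar('login_name')) );
            $this->addValidationError('login_name'    ,'');
            $this->addValidationError('login_password','');
        }

        $this->callSubAction('showlogin');
        return;
    }

    // NOTE(review): no renewal of the session id is visible here; confirm
    // that User::setCurrent() or the session layer issues a fresh id on
    // login (protection against session fixation).
    $user = Session::getUser();
    $this->addNotice('user',$user->name,'LOGIN_OK',OR_NOTICE_OK,array('name'=>$user->fullname));

    $this->evaluateRequestVars();

    $object = Session::getObject();

    if ( !is_object($object) && @$conf['login']['start']['start_lastchanged_object'] )
    {
        // Start with the object this user changed last - but only if it
        // still exists. Project, language and model are derived from that
        // object, so they are set up inside this condition as well;
        // otherwise a non-object would be dereferenced.
        $objectid = Value::getLastChangedObjectByUserId($user->userid);
        if ( Object::available($objectid))
        {
            $object = new Object($objectid);
            $object->load();
            Session::setObject($object);

            $project = new Project( $object->projectid );
            $project->load();
            Session::setProject( $project );

            // No request variables are available in this scope, so the
            // project defaults are used for language and model.
            $language = new Language( $project->getDefaultLanguageId() );
            $language->load();
            Session::setProjectLanguage( $language );

            $model = new Model( $project->getDefaultModelId() );
            $model->load();
            Session::setProjectModel( $model );
        }
    }
}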
00678
00679
/**
 * Logs the user out.
 *
 * The ids of the current object, project, language, model and database
 * are handed to the template before the session variables are removed.
 * Optionally all templates are recompiled and the browser is redirected
 * to a configured URL.
 */
function logout()
{
    global $conf;

    $currentUser = Session::getUser();
    if ( is_object($currentUser) )
    {
        $this->setTemplateVar('login_username',$currentUser->name);
    }

    // Remember where the user was, so the template can offer a way back.
    $currentObject = Session::getObject();
    if ( is_object($currentObject) )
    {
        $this->setTemplateVar('objectid',$currentObject->objectid);
    }

    $currentProject = Session::getProject();
    if ( is_object($currentProject) )
    {
        $this->setTemplateVar('projectid',$currentProject->projectid);
    }

    $currentLanguage = Session::getProjectLanguage();
    if ( is_object($currentLanguage) )
    {
        $this->setTemplateVar('languageid',$currentLanguage->languageid);
    }

    $currentModel = Session::getProjectModel();
    if ( is_object($currentModel) )
    {
        $this->setTemplateVar('modelid',$currentModel->modelid);
    }

    $database = db_connection();
    if ( is_object($database) )
    {
        $this->setTemplateVar('dbid',$database->id);
    }

    // NOTE(review): session_unset() only clears the session variables.
    // The session itself and its id stay valid; nothing in this method
    // destroys the session or issues a new id.
    session_unset();

    if ( @$conf['theme']['compiler']['compile_at_logout'])
    {
        foreach( $conf['action'] as $actionName => $actionConfig )
        {
            foreach( $actionConfig as $subActionName=>$subaction )
            {
                if ( !is_array($subaction) )
                    continue;

                // Sub actions that only forward elsewhere have no template.
                if ( isset($subaction['goto']) || isset($subaction['direct']) || isset($subaction['action']) )
                    continue;

                if ( $subActionName == 'menu' )
                    continue;

                $templateName = strtolower(str_replace('Action','',$actionName)).'/'.$subActionName;

                $engine = new TemplateEngine();
                $engine->compile( $templateName );
            }
        }
    }

    // The redirect target comes from the configuration, not from the request.
    $redirect_url = @$conf['security']['logout']['redirect_url'];

    if ( empty($redirect_url) )
        return;

    header('Location: '.$redirect_url);
    exit;
}
00738
00739
/**
 * Switches the session to the administration pseudo project (id -1).
 */
function administration()
{
    // NOTE(review): no administrator check is made in this method;
    // confirm that the caller enforces it (checkMenu() has one for
    // 'administration').
    $adminProject = new Project(-1);
    Session::setProject( $adminProject );
}
00747
00748
00749
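/**
 * Outputs the data of the current user, either as XML (request
 * parameter 'xml' present) or as plain text with key="value" lines,
 * and ends the request.
 */
function userinfo()
{
    $user = Session::getUser();
    $info = array('username'   => $user->name,
                  'fullname'   => $user->fullname,
                  'mail'       => $user->mail,
                  'telephone'  => $user->tel,
                  'style'      => $user->style,
                  'admin'      => $user->isAdmin?'true':'false',
                  'ldap'       => $user->ldap_dn,
                  'groups'     => implode(',',$user->getGroups()),
                  'description'=> $user->desc
                  );

    if ( $this->hasRequestVar('xml') )
    {
        header('Content-Type: text/xml');
        echo '<userinfo>';

        // Values such as full name or description are free text; they are
        // escaped so that markup characters can neither break the
        // document nor add elements to it. The element names are the
        // fixed keys defined above.
        foreach( $info as $n=>$i )
            echo '<'.$n.'>'.htmlspecialchars((string)$i,ENT_QUOTES).'</'.$n.'>'."\n";

        echo '</userinfo>';
    }
    else
    {
        // NOTE(review): quotes and line breaks inside a value are written
        // unchanged, so a consumer cannot parse this format reliably.
        header('Content-Type: text/plain');
        foreach( $info as $n=>$i )
            echo $n.'="'.$i."\"\n";
    }

    exit;
}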
00793
00794
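/**
 * Selects the project named by the request id and reloads the rights of
 * the current user for it.
 */
function project()
{
    $user = Session::getUser();
    if ( ! is_object($user) )
    {
        // Not logged in: hand over to 'show' and stop, as object() does.
        // Without the return, loadRights() would be called on a non-object.
        $this->callSubAction('show');
        return;
    }

    $this->evaluateRequestVars( array('projectid'=>$this->getRequestId()) );

    $project  = Session::getProject();
    $language = Session::getProjectLanguage();

    $user->loadRights( $project->projectid,$language->languageid );
    Session::setUser( $user );
}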
00811
00812
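/**
 * Selects the object named by the request id and reloads the rights of
 * the current user for the resulting project and language.
 */
function object()
{
    $this->evaluateRequestVars( array('objectid'=>$this->getRequestId()) );

    $user = Session::getUser();

    if ( ! is_object($user) )
    {
        $this->callSubAction('show');
        return;
    }

    // evaluateRequestVars() stored project and language in the session;
    // they have to be read back, as language() and model() do. Before,
    // two undefined local variables were used here.
    $project  = Session::getProject();
    $language = Session::getProjectLanguage();

    $user->loadRights( $project->projectid,$language->languageid );
    Session::setUser( $user );
}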
00828
00829
/**
 * Selects the language named by the request id and reloads the rights
 * of the current user for the resulting project and language.
 */
function language()
{
    $selection = array( REQ_PARAM_LANGUAGE_ID=>$this->getRequestId() );
    $this->evaluateRequestVars( $selection );

    $user            = Session::getUser();
    $currentProject  = Session::getProject();
    $currentLanguage = Session::getProjectLanguage();

    // NOTE(review): $user is used without an is_object() check here,
    // unlike in project() and object().
    $user->loadRights( $currentProject->projectid,$currentLanguage->languageid );
    Session::setUser( $user );
}
00840
00841
/**
 * Selects the model named by the request id and reloads the rights of
 * the current user for the resulting project and language.
 */
function model()
{
    $selection = array( REQ_PARAM_MODEL_ID=>$this->getRequestId() );
    $this->evaluateRequestVars( $selection );

    $user            = Session::getUser();
    $currentProject  = Session::getProject();
    $currentLanguage = Session::getProjectLanguage();

    // NOTE(review): $user is used without an is_object() check here,
    // unlike in project() and object().
    $user->loadRights( $currentProject->projectid,$currentLanguage->languageid );
    Session::setUser( $user );
}
00852
00853
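/**
 * Derives object, project, language and model from the request and
 * stores them in the session.
 *
 * The first id that is present and available wins, in the order
 * object, language, model, project. The other values are taken from the
 * request, the session or the project defaults.
 *
 * @param array $add additional values; request values take precedence
 *                   because the arrays are joined with '+'
 */
function evaluateRequestVars( $add = array() )
{
    global $REQ;
    $vars = $REQ + $add;

    $db = db_connection();
    if ( !is_object($db) )
    {
        if ( isset($vars[REQ_PARAM_DATABASE_ID]) )
            $this->setDb($vars[REQ_PARAM_DATABASE_ID]);
        else
            die('no database available.');
    }

    // NOTE(review): the ids are request-controlled and only checked for
    // existence (available()). Access rights are not checked in this
    // method; confirm that they are enforced when the data is used.

    if ( isset($vars[REQ_PARAM_OBJECT_ID]) && Object::available($vars[REQ_PARAM_OBJECT_ID]) )
    {
        // An object determines its project.
        $object = new Object( $vars[REQ_PARAM_OBJECT_ID] );
        $object->objectLoadRaw();
        Session::setObject( $object );

        $project = new Project( $object->projectid );
        $project->load();
        Session::setProject( $project );

        if ( isset($vars[REQ_PARAM_LANGUAGE_ID]) && Language::available($vars[REQ_PARAM_LANGUAGE_ID]) )
            $languageid = $vars[REQ_PARAM_LANGUAGE_ID];
        else
            $languageid = $project->getDefaultLanguageId();

        $language = new Language( $languageid );
        $language->load();
        Session::setProjectLanguage( $language );

        if ( isset($vars[REQ_PARAM_MODEL_ID]) && Model::available($vars[REQ_PARAM_MODEL_ID]) )
            $modelid = $vars[REQ_PARAM_MODEL_ID];
        else
            $modelid = $project->getDefaultModelId();

        $model = new Model( $modelid );
        $model->load();
        Session::setProjectModel( $model );
    }
    elseif ( isset($vars[REQ_PARAM_LANGUAGE_ID]) && Language::available($vars[REQ_PARAM_LANGUAGE_ID]) )
    {
        // A language determines its project.
        $language = new Language( $vars[REQ_PARAM_LANGUAGE_ID] );
        $language->load();
        Session::setProjectLanguage( $language );

        $project = new Project( $language->projectid );
        $project->load();
        Session::setProject( $project );

        $model = Session::getProjectModel();
        if ( !is_object($model) )
        {
            $model = new Model( $project->getDefaultModelId() );
            $model->load();
            Session::setProjectModel( $model );
        }

        // Keep the session object only if it belongs to this project.
        $object = Session::getObject();
        if ( is_object($object) && $object->projectid == $project->projectid )
        {
            $object->objectLoadRaw();
            Session::setObject( $object );
        }
        else
        {
            Session::setObject( '' );
        }
    }
    elseif ( isset($vars[REQ_PARAM_MODEL_ID]) && Model::available($vars[REQ_PARAM_MODEL_ID]) )
    {
        // A model determines its project.
        $model = new Model( $vars[REQ_PARAM_MODEL_ID] );
        $model->load();
        Session::setProjectModel( $model );

        $project = new Project( $model->projectid );
        $project->load();
        Session::setProject( $project );

        $language = Session::getProjectLanguage();
        if ( !is_object($language) || $language->projectid != $project->projectid )
        {
            $language = new Language( $project->getDefaultLanguageId() );
            $language->load();
            Session::setProjectLanguage( $language );
        }

        // The object is loaded only after the is_object() check; a call
        // before the check failed when the session held no object.
        $object = Session::getObject();
        if ( is_object($object) && $object->projectid == $project->projectid )
        {
            $object->objectLoadRaw();
            Session::setObject( $object );
        }
        else
        {
            Session::setObject( '' );
        }
    }
    elseif ( isset($vars[REQ_PARAM_PROJECT_ID])&&Project::available($vars[REQ_PARAM_PROJECT_ID]) )
    {
        $project = new Project( $vars[REQ_PARAM_PROJECT_ID] );
        $project->load();

        Session::setProject( $project );

        if ( isset($vars[REQ_PARAM_LANGUAGE_ID]) && Language::available($vars[REQ_PARAM_LANGUAGE_ID]) )
            $languageid = $vars[REQ_PARAM_LANGUAGE_ID];
        else
            $languageid = $project->getDefaultLanguageId();

        $language = new Language( $languageid );
        $language->load();
        Session::setProjectLanguage( $language );

        if ( isset($vars[REQ_PARAM_MODEL_ID]) && Model::available($vars[REQ_PARAM_MODEL_ID]) )
            $modelid = $vars[REQ_PARAM_MODEL_ID];
        else
            $modelid = $project->getDefaultModelId();

        $model = new Model( $modelid );
        $model->load();
        Session::setProjectModel( $model );

        // Keep the session object only if it belongs to this project.
        $object = Session::getObject();
        if ( is_object($object) && $object->projectid == $project->projectid )
        {
            $object->objectLoadRaw();
            Session::setObject( $object );
        }
        else
        {
            Session::setObject( '' );
        }
    }
}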
00978
00979
/**
 * Stores in the session that the navigation tree is to be shown.
 */
function showtree()
{
    $treeVisible = true;
    Session::set( 'showtree',$treeVisible );
}
00984
00985
/**
 * Stores in the session that the navigation tree is to be hidden.
 */
function hidetree()
{
    $treeVisible = false;
    Session::set( 'showtree',$treeVisible );
}
00990
00991
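/**
 * Builds the main frameset.
 *
 * If nobody is logged in, a guest login (if enabled) and then the
 * configured login type ('http' or 'form') are tried. Afterwards
 * project, language, model, object and element are taken from the
 * request and the URLs of all frames are passed to the template.
 */
function show()
{
    global $conf;

    $user = Session::getUser();

    // Guest login, if nobody is logged in and guests are allowed.
    if ( ! is_object($user) )
    {
        if ( $conf['security']['guest']['enable'] )
        {
            $this->setDefaultDb();
            $username = $conf['security']['guest']['user'];
            $user = User::loadWithName($username);
            if ( $user->userid > 0 )
                $user->setCurrent();
            else
            {
                Logger::warn('Guest login failed, user not found: '.$username);
                $this->addNotice('user',$username,'LOGIN_FAILED',OR_NOTICE_WARN,array('name'=>$username) );
                $user = null;
            }
        }
    }

    if ( ! is_object($user) )
    {
        switch( $conf['security']['login']['type'] )
        {
            // HTTP Basic authentication.
            // NOTE(review): the credentials are sent with every request;
            // this login type needs TLS.
            case 'http':
                $ok = false;

                if ( isset($_SERVER['PHP_AUTH_USER']) )
                {
                    $this->setDefaultDb();

                    // The password may be missing from the request, and
                    // checkLogin() takes four values; no new password is
                    // available with this login type.
                    $httpPassword = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
                    $ok = $this->checkLogin( $_SERVER['PHP_AUTH_USER'],$httpPassword,'','' );
                }

                if ( ! $ok )
                {
                    header( 'WWW-Authenticate: Basic realm="'.OR_TITLE.' - '.lang('HTTP_REALM').'"' );
                    header( 'HTTP/1.0 401 Unauthorized' );
                    echo 'Authorization Required!';
                    exit;
                }

                // checkLogin() made the user current; read it back
                // (as login() does), otherwise $user stays empty below.
                $user = Session::getUser();
                break;

            case 'form':
                $this->callSubAction( 'showlogin' );
                return;

            default:
                die('unknown auth-type: '.$conf['security']['login']['type'] );
        }
    }

    if ( $user->mustChangePassword )
    {
        $this->addNotice( 'user',$user->name,'PASSWORD_TIMEOUT','warn' );
        $this->callSubAction( 'changepassword' );
    }

    $this->lastModified( $user->loginDate );

    // All ids from the request are reduced to integers.
    $projectid  = intval( $this->getRequestVar('projectid' ) );
    $languageid = intval( $this->getRequestVar('languageid') );
    $modelid    = intval( $this->getRequestVar('modelid'   ) );
    $objectid   = intval( $this->getRequestVar('objectid'  ) );
    $elementid  = intval( $this->getRequestVar('elementid' ) );

    // NOTE(review): the entities are loaded by request id without a
    // visible access check; confirm that rights are enforced elsewhere.
    if ( $projectid != 0 )
    {
        $project = new Project( $projectid );
        $project->load();
        Session::setProject($project);
    }
    elseif ( $languageid != 0 )
    {
        $language = new Language( $languageid );
        $language->load();
        Session::setProjectLanguage($language);
    }
    elseif ( $modelid != 0 )
    {
        $model = new Model( $modelid );
        $model->load();
        Session::setProjectModel($model);
    }
    elseif ( $objectid != 0 )
    {
        $object = new Object( $objectid );
        $object->objectLoad();
        Session::setObject($object);
    }
    if ( $elementid != 0 )
    {
        $element = new Element( $elementid );
        Session::setElement($element);
    }

    $project = Session::getProject();

    if ( $project->projectid == PROJECTID_ADMIN )
    {
        // Administration area: no language, model or object is selected.
        $project->name = lang('GLOBAL_ADMINISTRATION');
        Session::setProject( $project );

        Session::setProjectLanguage( '' );
        Session::setProjectModel   ( '' );
        Session::setObject         ( '' );
    }

    $db = Session::getDatabase();

    $this->setTemplateVar( 'title',$project->name );

    $object = Session::getObject();

    $elementid = 0;

    if ( is_object($project) )
    {
        if ( is_object($object) )
        {
            $type = $object->getType();

            if ( $type == 'page' )
            {
                // A page with exactly one writable element is opened
                // directly in the editor of that element.
                $page = new Page($object->objectid);
                $page->load();
                $elementList = $page->getWritableElements();
                if ( count($elementList) == 1 )
                    $elementid = current(array_keys($elementList));
            }

            if ( $elementid > 0 )
                $this->setTemplateVar( 'frame_src_main',Html::url('main','pageelement',$object->objectid,array('elementid'=>$elementid,'targetSubAction'=>'edit')) );
            else
                $this->setTemplateVar( 'frame_src_main',Html::url('main',$type,$object->objectid) );
        }
        else
        {
            $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) );
        }
    }
    // NOTE(review): this branch cannot be reached, because the condition
    // above already covers every case in which $project is an object.
    // Left unchanged; confirm the intended order before relying on it.
    elseif ( is_object($project) && $project->projectid == PROJECTID_ADMIN )
    {
        if ( $this->hasRequestVar('projectid') )
            $this->setTemplateVar( 'frame_src_main',Html::url('main','project',$this->getRequestVar('projectid')) );
        elseif ( $this->hasRequestVar('groupid') )
            $this->setTemplateVar( 'frame_src_main',Html::url('main','group'  ,$this->getRequestVar('groupid'  )) );
        elseif ( $this->hasRequestVar('userid') )
            $this->setTemplateVar( 'frame_src_main',Html::url('main','user'   ,$this->getRequestVar('userid'   )) );
        else
            $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) );
    }
    else
    {
        $this->callSubAction( 'projectmenu' );
    }

    $this->setTemplateVar( 'show_tree',(Session::get('showtree')==true) );

    $this->setTemplateVar( 'frame_src_title'     ,Html::url( 'title'                ) );
    $this->setTemplateVar( 'frame_src_tree_menu' ,Html::url( 'treemenu'             ) );
    $this->setTemplateVar( 'frame_src_tree_title',Html::url( 'treetitle'            ) );
    $this->setTemplateVar( 'frame_src_tree'      ,Html::url( 'tree'     ,'load'     ) );
    $this->setTemplateVar( 'frame_src_clipboard' ,Html::url( 'clipboard'            ) );
    $this->setTemplateVar( 'frame_src_border'    ,Html::url( 'empty'    ,'border'   ) );
    $this->setTemplateVar( 'frame_src_background',Html::url( 'empty'    ,'background') );
    $this->setTemplateVar( 'frame_src_status'    ,Html::url( 'status'               ) );

    $this->setTemplateVar( 'tree_width',$conf['interface']['tree_width'] );

    $this->metaValues();
}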
01178
01179
01180
/**
 * Tells whether a menu entry is available.
 *
 * @param string $name name of the menu entry
 * @return bool true if the entry may be offered; false for unknown names
 */
function checkMenu( $name )
{
    global $conf;

    // Entries that are always available.
    if ( $name == 'applications' )
    {
        // Only if at least one application is configured.
        return count(@$conf['applications']) > 0;
    }

    if ( $name == 'register' )
    {
        // Self-registration needs the internal user database.
        return @$conf['login']['register'] && @$conf['security']['auth']['type'] == 'database';
    }

    if ( $name == 'password' )
    {
        // Sending a password needs the internal user database and is
        // not offered when a user DN is configured.
        return @$conf['login']['send_password'] && @$conf['security']['auth']['type'] == 'database'
               && !@$conf['security']['auth']['userdn'];
    }

    if ( $name == 'administration' )
    {
        return $this->userIsAdmin();
    }

    if ( $name == 'showlogin' )
    {
        return !@$conf['login']['nologin'];
    }

    if ( $name == 'logout' )
    {
        return true;
    }

    if ( $name == 'projectmenu' )
    {
        return true;
    }

    return false;
}
01219
01220
/**
 * First step of the self-registration. Intentionally empty: this method
 * sets no template variables and performs no checks.
 */
function register()
{
}
01228
01229
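/**
 * Second step of the self-registration: creates a registration code,
 * stores it in the session and mails it to the address from the request.
 */
function registercode()
{
    if ( !$this->hasRequestVar('mail') )
    {
        $this->addValidationError('mail');
        $this->callSubAction('register');
        return;
    }

    // The code proves control over the mail address, so it must not be
    // guessable. rand() seeded with the current time is predictable;
    // the system's secure generator is used wherever PHP provides it.
    if ( function_exists('random_int') )
    {
        $registerCode = random_int( 0,mt_getrandmax() );
    }
    else
    {
        // Fallback for old PHP versions (weak, time-seeded).
        srand ((double)microtime()*1000003);
        $registerCode = rand();
    }

    Session::set('registerCode',$registerCode );

    // NOTE(review): the address comes unchecked from the request; confirm
    // that Mail validates it and rejects line breaks. No limit on the
    // number of mails per session or address is visible here.
    $mail = new Mail($this->getRequestVar('mail'),
                     'register_commit_code','register_commit_code');
    $mail->setVar('code',$registerCode);

    if ( $mail->send() )
    {
        $this->addNotice('','','mail_sent',OR_NOTICE_OK);
    }
    else
    {
        $this->addNotice('','','mail_not_sent',OR_NOTICE_ERROR,array(),$mail->error);
        $this->callSubAction('register');
        return;
    }
}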
01263
01264
01265
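/**
 * Third step of the self-registration: prepares the form for user name,
 * password and registration code.
 */
function registeruserdata()
{
    global $conf;

    // NOTE(review): the mail address is taken from the request of THIS
    // step, not from the step that sent the code. A client can therefore
    // submit a different address than the one the code was mailed to;
    // the address should be stored together with the code.
    Session::set('registerMail',$this->getRequestVar('mail') );

    // Initialised so the template variable is defined even if no
    // database is enabled.
    $dbids = array();
    foreach( $conf['database'] as $dbname=>$dbconf )
    {
        if ( is_array($dbconf) && $dbconf['enabled'] )
            $dbids[$dbname] = $dbconf['comment'];
    }

    $this->setTemplateVar( 'dbids',$dbids );

    $db = Session::getDatabase();
    if ( is_object($db) )
        $this->setTemplateVar('actdbid',$db->id);
    else
        $this->setTemplateVar('actdbid',$conf['database']['default']);
}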
01286
01287
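/**
 * Completes a self-registration: checks the mailed code, validates user name
 * and password and then creates the account.
 *
 * On every validation failure the "registeruserdata" sub-action is called
 * and no user is created.
 *
 * NOTE(review): no limit on the number of attempts per code is visible in
 * this method - confirm that one exists elsewhere.
 *
 * @return void
 */
function registercommit()
{
    global $conf;
    $this->checkForDb();

    $expectedCode = Session::get('registerCode');
    $givenCode    = $this->getRequestVar('code');

    // Compare as strings and strictly. A loose "!=" treats an empty session
    // value and an empty request value as equal (presumably what both calls
    // yield when nothing was stored or sent - confirm), which would let a
    // request through that never received a code.
    $expectedCode = is_scalar($expectedCode) ? (string) $expectedCode : '';
    $givenCode    = is_scalar($givenCode) ? trim((string) $givenCode) : '';

    if ( $expectedCode === '' || $givenCode === '' || $expectedCode !== $givenCode )
    {
        $this->addValidationError('code','code_not_match');
        $this->callSubAction('registeruserdata');
        return;
    }

    if ( !$this->hasRequestVar('username') )
    {
        $this->addValidationError('username');
        $this->callSubAction('registeruserdata');
        return;
    }

    $username = $this->getRequestVar('username');

    // The name must not be taken already.
    $user = User::loadWithName( $username );
    if ( $user->isValid() )
    {
        $this->addValidationError('username','USER_ALREADY_IN_DATABASE');
        $this->callSubAction('registeruserdata');
        return;
    }

    $password  = $this->getRequestVar('password');
    $minLength = $conf['security']['password']['min_length'];

    if ( strlen($password) < $minLength )
    {
        $this->addValidationError('password','password_minlength',array('minlength'=>$minLength));
        $this->callSubAction('registeruserdata');
        return;
    }

    $newUser = new User();
    $newUser->name = $username;
    $newUser->add();

    // The address comes from the session, where registeruserdata() stored it.
    $newUser->mail = Session::get('registerMail');
    $newUser->save();

    $newUser->setPassword( $password,true );

    // A code is good for one account only; the empty value is rejected above.
    Session::set('registerCode','');

    $this->addNotice('user',$newUser->name,'user_added','ok');
}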
01344
01345
01346
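/**
 * Prepares the "forgot password" form.
 *
 * Passes the list of enabled databases ("dbids": id => comment) and the id
 * of the active database ("actdbid") to the template.
 *
 * @return void
 */
function password()
{
    global $conf;

    // Start with an empty list: without it the variable is undefined when no
    // database is enabled.
    $dbids = array();

    foreach( $conf['database'] as $dbname=>$dbconf )
    {
        // Scalar entries such as 'default' are skipped by the is_array() test.
        if ( is_array($dbconf) && !empty($dbconf['enabled']) )
            $dbids[$dbname] = $dbconf['comment'];
    }

    $this->setTemplateVar( 'dbids',$dbids );

    // Preselect the database of the session, else the configured default.
    $db = Session::getDatabase();
    $actDbId = is_object($db) ? $db->id : $conf['database']['default'];
    $this->setTemplateVar('actdbid',$actDbId);
}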
01372
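/**
 * First step of the password recovery: mails a confirmation code to the
 * address stored for the given user name.
 *
 * The code is kept in the session ("password_commit_code") together with the
 * user name ("password_commit_name"). For an unknown name no mail is sent,
 * but a notice with the same message key is shown.
 *
 * NOTE(review): the two branches are still distinguishable in places - the
 * unknown-name notice omits the status argument (its default is not visible
 * here), and the fixed 5 second delay applies only to unknown names while
 * the other branch takes as long as Mail::send(). Confirm whether that is
 * acceptable for hiding which names exist.
 *
 * @return void
 */
function passwordcode()
{
    if ( !$this->hasRequestVar('username') )
    {
        $this->addValidationError('username');
        $this->callSubAction('password');
        return;
    }

    $this->checkForDb();

    $user = User::loadWithName( $this->getRequestVar("username") );

    if ( $user->isValid() )
    {
        // The code authorises a password reset, so it must not be guessable.
        // rand() seeded from microtime() is derived from the request time;
        // use the CSPRNG where the runtime offers one (PHP >= 7).
        if ( function_exists('random_int') )
            $code = random_int( 1,mt_getrandmax() );
        else
            $code = mt_rand( 1,mt_getrandmax() ); // legacy runtime: auto-seeded, but not a CSPRNG

        $this->setSessionVar("password_commit_code",$code);

        $eMail = new Mail( $user->mail,'password_commit_code' );
        $eMail->setVar('name',$user->getName());
        $eMail->setVar('code',$code);

        if ( $eMail->send() )
            $this->addNotice('user',$user->getName(),'mail_sent',OR_NOTICE_OK);
        else
            $this->addNotice('user',$user->getName(),'mail_not_sent',OR_NOTICE_ERROR,array(),$eMail->error);
    }
    else
    {
        // Drop a code left over from an earlier request in this session, so it
        // cannot be combined with the name stored below; passwordcommit()
        // rejects an empty code.
        $this->setSessionVar("password_commit_code",'');

        // Same message key as in the success case.
        $this->addNotice('user',$this->getRequestVar("username"),'mail_sent');
        sleep(5);
    }

    $this->setSessionVar("password_commit_name",$user->name);
}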
01461
01462
01463
/**
 * Sub-action "passwordinputcode".
 *
 * The body is empty: no request data is read and no template variable is set.
 *
 * @return void
 */
function passwordinputcode()
{
    // nothing to prepare
}
01472
01473
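/**
 * Last step of the password recovery: checks the confirmation code and, if
 * it matches, mails a newly created password to the user.
 *
 * The new password is stored only after the mail was sent successfully. On a
 * wrong or missing code the "passwordinputcode" sub-action is called.
 *
 * NOTE(review): no limit on the number of attempts per code is visible in
 * this method - confirm that one exists elsewhere.
 *
 * @return void
 */
function passwordcommit()
{
    $username = $this->getSessionVar("password_commit_name");

    $expectedCode = $this->getSessionVar("password_commit_code");
    $givenCode    = $this->getRequestVar("code");

    // Compare as strings and strictly: a loose "!=" between the stored number
    // and the submitted text follows PHP's numeric string rules, which accept
    // more than the exact code on older runtimes.
    $expectedCode = is_scalar($expectedCode) ? (string) $expectedCode : '';
    $givenCode    = is_scalar($givenCode) ? trim((string) $givenCode) : '';

    if ( $givenCode === '' || $expectedCode === '' || $expectedCode !== $givenCode )
    {
        $this->addValidationError('code','PASSWORDCODE_NOT_MATCH');
        $this->callSubAction('passwordinputcode');
        return;
    }

    $user = User::loadWithName( $username );

    if ( !$user->isValid() )
    {
        $this->addNotice('user',$username,'error',OR_NOTICE_ERROR);
        return;
    }

    $newPw = User::createPassword();

    $eMail = new Mail( $user->mail,'password_new' );
    $eMail->setVar('name'    ,$user->getName());
    $eMail->setVar('password',$newPw          );

    if ( !$eMail->send() )
    {
        // The stored password stays untouched, otherwise the user would be
        // locked out without ever receiving the new one.
        $this->addNotice('user',$username,'error',OR_NOTICE_ERROR,array(),$eMail->error);
        return;
    }

    // Second argument differs from registercommit(); its meaning is defined
    // in User::setPassword() - not visible here.
    $user->setPassword( $newPw, false );

    // A code is good for one reset only; the empty value is rejected above.
    $this->setSessionVar("password_commit_code",'');

    $this->addNotice('user',$username,'mail_sent',OR_NOTICE_OK);
}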
01516
01517
01518
01519
01520 }
01521
01522
01523 ?>