1<?php
2
3use dokuwiki\Extension\ActionPlugin;
4use dokuwiki\Extension\EventHandler;
5use dokuwiki\Extension\Event;
6
7/**
8 * DokuWiki Plugin pureldap (Action Component)
9 *
10 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
11 * @author  Andreas Gohr <andi@splitbrain.org>
12 */
13class action_plugin_pureldap_expiry extends ActionPlugin
14{
15    /** @inheritDoc */
16    public function register(EventHandler $controller)
17    {
18        global $conf;
19        // the plugin might be enabled, but not used
20        if ($conf['authtype'] !== 'authpureldap') return;
21
22        $controller->register_hook('DOKUWIKI_STARTED', 'AFTER', $this, 'handlePasswordExpiry');
23    }
24
25    /**
26     * Handle password expiry
27     *
28     * On each page load, check if the user's password is about to expire and display a warning if so.
29     *
30     * @see https://www.dokuwiki.org/devel:events:DOKUWIKI_STARTED
31     * @param Event $event Event object
32     * @param mixed $param optional parameter passed when event was registered
33     * @return void
34     */
35    public function handlePasswordExpiry(Event $event, $param)
36    {
37        global $auth;
38        global $ID;
39        global $lang;
40        global $INPUT;
41
42        $user = $INPUT->server->str('REMOTE_USER');
43        if (!$user) return; // no user logged in
44        $userdata = $auth->getUserData($user);
45
46        $warn = $auth->client->getConf('expirywarn'); // days before expiry to warn
47        if (!$warn) return; // no warning configured
48        $max = $auth->client->getMaxPasswordAge(); // max password age in seconds
49        if (!$max) return; // no max password age configured
50        $lastchange = $userdata['lastpwd'] ?? 0; // last password change timestamp
51        if (!$lastchange) return;
52        $expires = $userdata['expires'] ?? false; // password expires
53        if (!$expires) return;
54
55        $warn = $warn * 24 * 60 * 60; // convert to seconds
56        $expiresin = ($lastchange + $max) - time(); // seconds until password expires
57        if ($expiresin > $warn) return; // not yet time to warn
58        $days = ceil($expiresin / (24 * 60 * 60)); // days until password expires
59
60        // prepare and show message
61        $msg = sprintf($this->getLang('pwdexpire'), $days);
62        if ($auth->canDo('modPass')) {
63            $url = wl($ID, ['do' => 'profile']);
64            $msg .= ' <a href="' . $url . '">' . $lang['btn_profile'] . '</a>';
65        }
66        msg($msg);
67    }
68}
69