10f498d06SAndreas Gohr<?php 20f498d06SAndreas Gohr 3*208fe81aSAndreas Gohruse dokuwiki\Extension\ActionPlugin; 4*208fe81aSAndreas Gohruse dokuwiki\Extension\EventHandler; 5*208fe81aSAndreas Gohruse dokuwiki\Extension\Event; 6*208fe81aSAndreas Gohr 70f498d06SAndreas Gohr/** 80f498d06SAndreas Gohr * DokuWiki Plugin pureldap (Action Component) 90f498d06SAndreas Gohr * 100f498d06SAndreas Gohr * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html 110f498d06SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org> 120f498d06SAndreas Gohr */ 13*208fe81aSAndreas Gohrclass action_plugin_pureldap_expiry extends ActionPlugin 140f498d06SAndreas Gohr{ 150f498d06SAndreas Gohr /** @inheritDoc */ 16*208fe81aSAndreas Gohr public function register(EventHandler $controller) 170f498d06SAndreas Gohr { 18d66c3080SAndreas Gohr global $conf; 19d66c3080SAndreas Gohr // the plugin might be enabled, but not used 20d66c3080SAndreas Gohr if ($conf['authtype'] !== 'authpureldap') return; 21d66c3080SAndreas Gohr 220f498d06SAndreas Gohr $controller->register_hook('DOKUWIKI_STARTED', 'AFTER', $this, 'handlePasswordExpiry'); 230f498d06SAndreas Gohr } 240f498d06SAndreas Gohr 250f498d06SAndreas Gohr /** 260f498d06SAndreas Gohr * Handle password expiry 270f498d06SAndreas Gohr * 280f498d06SAndreas Gohr * On each page load, check if the user's password is about to expire and display a warning if so. 290f498d06SAndreas Gohr * 300f498d06SAndreas Gohr * @see https://www.dokuwiki.org/devel:events:DOKUWIKI_STARTED 31*208fe81aSAndreas Gohr * @param Event $event Event object 320f498d06SAndreas Gohr * @param mixed $param optional parameter passed when event was registered 330f498d06SAndreas Gohr * @return void 340f498d06SAndreas Gohr */ 35*208fe81aSAndreas Gohr public function handlePasswordExpiry(Event $event, $param) 360f498d06SAndreas Gohr { 370f498d06SAndreas Gohr global $auth; 380f498d06SAndreas Gohr global $ID; 390f498d06SAndreas Gohr global $lang; 400f498d06SAndreas Gohr global $INPUT; 410f498d06SAndreas Gohr 420f498d06SAndreas Gohr $user = $INPUT->server->str('REMOTE_USER'); 430f498d06SAndreas Gohr if (!$user) return; // no user logged in 440f498d06SAndreas Gohr $userdata = $auth->getUserData($user); 450f498d06SAndreas Gohr 460f498d06SAndreas Gohr $warn = $auth->client->getConf('expirywarn'); // days before expiry to warn 470f498d06SAndreas Gohr if (!$warn) return; // no warning configured 480f498d06SAndreas Gohr $max = $auth->client->getMaxPasswordAge(); // max password age in seconds 490f498d06SAndreas Gohr if (!$max) return; // no max password age configured 500f498d06SAndreas Gohr $lastchange = $userdata['lastpwd'] ?? 0; // last password change timestamp 510f498d06SAndreas Gohr if (!$lastchange) return; 520f498d06SAndreas Gohr $expires = $userdata['expires'] ?? false; // password expires 530f498d06SAndreas Gohr if (!$expires) return; 540f498d06SAndreas Gohr 550f498d06SAndreas Gohr $warn = $warn * 24 * 60 * 60; // convert to seconds 560f498d06SAndreas Gohr $expiresin = ($lastchange + $max) - time(); // seconds until password expires 570f498d06SAndreas Gohr if ($expiresin > $warn) return; // not yet time to warn 580f498d06SAndreas Gohr $days = ceil($expiresin / (24 * 60 * 60)); // days until password expires 590f498d06SAndreas Gohr 600f498d06SAndreas Gohr // prepare and show message 610f498d06SAndreas Gohr $msg = sprintf($this->getLang('pwdexpire'), $days); 620f498d06SAndreas Gohr if ($auth->canDo('modPass')) { 630f498d06SAndreas Gohr $url = wl($ID, ['do' => 'profile']); 640f498d06SAndreas Gohr $msg .= ' <a href="' . $url . '">' . $lang['btn_profile'] . '</a>'; 650f498d06SAndreas Gohr } 660f498d06SAndreas Gohr msg($msg); 670f498d06SAndreas Gohr } 680f498d06SAndreas Gohr} 69