1*0f498d06SAndreas Gohr<?php 2*0f498d06SAndreas Gohr 3*0f498d06SAndreas Gohr/** 4*0f498d06SAndreas Gohr * DokuWiki Plugin pureldap (Action Component) 5*0f498d06SAndreas Gohr * 6*0f498d06SAndreas Gohr * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html 7*0f498d06SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org> 8*0f498d06SAndreas Gohr */ 9*0f498d06SAndreas Gohrclass action_plugin_pureldap_expiry extends \dokuwiki\Extension\ActionPlugin 10*0f498d06SAndreas Gohr{ 11*0f498d06SAndreas Gohr /** @inheritDoc */ 12*0f498d06SAndreas Gohr public function register(Doku_Event_Handler $controller) 13*0f498d06SAndreas Gohr { 14*0f498d06SAndreas Gohr $controller->register_hook('DOKUWIKI_STARTED', 'AFTER', $this, 'handlePasswordExpiry'); 15*0f498d06SAndreas Gohr } 16*0f498d06SAndreas Gohr 17*0f498d06SAndreas Gohr /** 18*0f498d06SAndreas Gohr * Handle password expiry 19*0f498d06SAndreas Gohr * 20*0f498d06SAndreas Gohr * On each page load, check if the user's password is about to expire and display a warning if so. 21*0f498d06SAndreas Gohr * 22*0f498d06SAndreas Gohr * @see https://www.dokuwiki.org/devel:events:DOKUWIKI_STARTED 23*0f498d06SAndreas Gohr * @param Doku_Event $event Event object 24*0f498d06SAndreas Gohr * @param mixed $param optional parameter passed when event was registered 25*0f498d06SAndreas Gohr * @return void 26*0f498d06SAndreas Gohr */ 27*0f498d06SAndreas Gohr public function handlePasswordExpiry(Doku_Event $event, $param) 28*0f498d06SAndreas Gohr { 29*0f498d06SAndreas Gohr global $auth; 30*0f498d06SAndreas Gohr global $ID; 31*0f498d06SAndreas Gohr global $lang; 32*0f498d06SAndreas Gohr global $INPUT; 33*0f498d06SAndreas Gohr 34*0f498d06SAndreas Gohr $user = $INPUT->server->str('REMOTE_USER'); 35*0f498d06SAndreas Gohr if (!$user) return; // no user logged in 36*0f498d06SAndreas Gohr $userdata = $auth->getUserData($user); 37*0f498d06SAndreas Gohr 38*0f498d06SAndreas Gohr $warn = $auth->client->getConf('expirywarn'); // days before expiry to warn 39*0f498d06SAndreas Gohr if (!$warn) return; // no warning configured 40*0f498d06SAndreas Gohr $max = $auth->client->getMaxPasswordAge(); // max password age in seconds 41*0f498d06SAndreas Gohr if (!$max) return; // no max password age configured 42*0f498d06SAndreas Gohr $lastchange = $userdata['lastpwd'] ?? 0; // last password change timestamp 43*0f498d06SAndreas Gohr if (!$lastchange) return; 44*0f498d06SAndreas Gohr $expires = $userdata['expires'] ?? false; // password expires 45*0f498d06SAndreas Gohr if (!$expires) return; 46*0f498d06SAndreas Gohr 47*0f498d06SAndreas Gohr $warn = $warn * 24 * 60 * 60; // convert to seconds 48*0f498d06SAndreas Gohr $expiresin = ($lastchange + $max) - time(); // seconds until password expires 49*0f498d06SAndreas Gohr if ($expiresin > $warn) return; // not yet time to warn 50*0f498d06SAndreas Gohr $days = ceil($expiresin / (24 * 60 * 60)); // days until password expires 51*0f498d06SAndreas Gohr 52*0f498d06SAndreas Gohr // prepare and show message 53*0f498d06SAndreas Gohr $msg = sprintf($this->getLang('pwdexpire'), $days); 54*0f498d06SAndreas Gohr if ($auth->canDo('modPass')) { 55*0f498d06SAndreas Gohr $url = wl($ID, ['do' => 'profile']); 56*0f498d06SAndreas Gohr $msg .= ' <a href="' . $url . '">' . $lang['btn_profile'] . '</a>'; 57*0f498d06SAndreas Gohr } 58*0f498d06SAndreas Gohr msg($msg); 59*0f498d06SAndreas Gohr } 60*0f498d06SAndreas Gohr} 61*0f498d06SAndreas Gohr 62