* Copyright (C) 2005-2007 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * $Id$ * $Source$ */ /** \file htdocs/admin/security.php \ingroup setup \brief Page de configuration du module sécurité \version $Revision$ */ require("./pre.inc.php"); $langs->load("users"); $langs->load("admin"); if (!$user->admin) accessforbidden(); // Do not allow change to clear model once passwords are crypted $allow_disable_encryption=false; $mesg = ''; /* * Actions */ if ($_GET["action"] == 'setgeneraterule') { if (! dolibarr_set_const($db, 'USER_PASSWORD_GENERATED',$_GET["value"])) { dolibarr_print_error($db); } else { Header("Location: ".$_SERVER["PHP_SELF"]); exit; } } if ($_GET["action"] == 'activate_encrypt') { $db->begin(); dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1"); $sql = "UPDATE ".MAIN_DB_PREFIX."user as u"; $sql.= " SET u.pass = MD5(u.pass)"; $sql.= " WHERE LENGTH(u.pass) < 32"; // Not a MD5 value //print $sql; $result = $db->query($sql); if ($result) { $db->commit(); Header("Location: security.php"); exit; } else { dolibarr_print_error($db,''); } } else if ($_GET["action"] == 'disable_encrypt') { //On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas être décodés //Do not allow "disable encryption" as passwords cannot be decrypted if ($allow_disable_encryption) { dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED"); } Header("Location: security.php"); exit; } if ($_GET["action"] == 'activate_encryptdbpassconf') { $result = encodedecode_dbpassconf(1); if ($result > 0) { dolibarr_set_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED", "1"); Header("Location: security.php"); exit; } else { $mesg='

'.$langs->trans('ConfigFileIsInReadOnly').'

'; } } else if ($_GET["action"] == 'disable_encryptdbpassconf') { $result = encodedecode_dbpassconf(0); if ($result > 0) { dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED"); Header("Location: security.php"); exit; } else { $mesg = '

'.$langs->trans('ConfigFileIsInReadOnly').'

'; } } /* * Affichage onglet */ llxHeader(); if ($mesg) print "$mesg\n"; print_fiche_titre($langs->trans("SecuritySetup"),'','setup'); print $langs->trans("GeneratedPasswordDesc")."
\n"; print "
\n"; $h = 0; $head[$h][0] = DOL_URL_ROOT."/admin/perms.php"; $head[$h][1] = $langs->trans("DefaultRights"); $h++; $head[$h][0] = DOL_URL_ROOT."/admin/security.php"; $head[$h][1] = $langs->trans("Passwords"); $hselected=$h; $h++; $head[$h][0] = DOL_URL_ROOT."/admin/security_other.php"; $head[$h][1] = $langs->trans("Miscellanous"); $h++; dolibarr_fiche_head($head, $hselected, $langs->trans("Security")); $var=false; $form = new Form($db); // Choix du gestionnaire du générateur de mot de passe print '

'; print ''; print ''; print ''; // Charge tableau des modules generation $dir = "../includes/modules/security/generate"; clearstatcache(); $handle=opendir($dir); $i=1; while (($file = readdir($handle))!==false) { if (eregi('(modGeneratePass[a-z]+).class.php',$file,$reg)) { // Chargement de la classe de numérotation $classname = $reg[1]; require_once($dir.'/'.$file); $obj = new $classname($db,$conf,$langs,$user); $arrayhandler[$obj->id]=$obj; $i++; } } closedir($handle); print ''; print ''; print ''; print ''; print ''; print ''; foreach ($arrayhandler as $key => $module) { $var = !$var; print ''; // Affiche example print ''; print '\n"; } print '

'.$langs->trans("RuleForGeneratedPasswords").'		'.$langs->trans("Example").'	'.$langs->trans("Activated").'
'; print ucfirst($key); print "	\n"; print $arrayhandler[$key]->getDescription(); print '	'.$module->getExample().'	'; if ($conf->global->USER_PASSWORD_GENERATED == $key) { $title=''; print img_tick($title); } else { print ''.$langs->trans("Activate").''; } print "

'; print '

'; // Cryptage mot de passe /* * \TODO * * Ajouter options qui désactive le stockage du champ pass (seul le champ pass_crypted est alors stocké) * - "Algorithme de cryptage = MD5,..." * */ print '
'; $var=true; print "

"; print ""; print ''; print ''; print ''; print ''; print ''; print ''; $var=!$var; print ""; print ''; print ''; if ($conf->global->DATABASE_PWD_ENCRYPTED == 0) { print '"; } if($conf->global->DATABASE_PWD_ENCRYPTED == 1) { print '"; } print ""; print ''; // Cryptage du mot de base de la base dans conf.php $var=!$var; print ""; print ''; print ''; if ($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 0) { print '"; } if($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 1) { print '"; } print ""; print ''; print '

'.$langs->trans("Encryption").'	'.$langs->trans("Activated").'	'.$langs->trans("Action").'
'.$langs->trans("DoNotStoreClearPassword").'	'; if($conf->global->DATABASE_PWD_ENCRYPTED == 1) { print img_tick(); } print '	'; print ''.$langs->trans("Activate").''; print "	'; if ($allow_disable_encryption) { //On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas être décodés //Do not allow "disable encryption" as passwords cannot be decrypted print ''.$langs->trans("Disable").''; } else { print '-'; } print "
'.$langs->trans("MainDbPasswordFileConfEncrypted").'	'; if($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 1) { print img_tick(); } print '	'; print ''.$langs->trans("Activate").''; print "	'; print ''.$langs->trans("Disable").''; print "

'; print '

'; //print ''; print ''; $db->close(); llxFooter('$Date$ - $Revision$'); ?>