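* Copyright (C) 2005-2007 Regis Houssin
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see .
 */

/**
 *  \file       htdocs/admin/security.php
 *  \ingroup    setup
 *  \brief      Configuration page for the security module
 *
 *  The "Actions" part applies one setting change per request, selected by the
 *  "action" query parameter, and redirects back to this page on success.
 *  The "View" part then renders the current settings.
 */

require("../main.inc.php");
require_once(DOL_DOCUMENT_ROOT."/lib/admin.lib.php");
require_once(DOL_DOCUMENT_ROOT.'/lib/security.lib.php');

$langs->load("users");
$langs->load("admin");
$langs->load("other");

// Only administrators may view or change these settings.
if (!$user->admin) accessforbidden();

// Allow/Disallow change to clear passwords once passwords are crypted
// NOTE(review): this is set to true although the 'disable_encrypt' branch below says
// disabling must not be allowed because hashed passwords cannot be decoded - confirm
// which of the two is intended.
$allow_disable_encryption=true;

$mesg = '';

// Read the request parameters once, so a request without them does not raise
// undefined-index notices in every comparison below.
$action = isset($_GET["action"]) ? $_GET["action"] : '';
$value  = isset($_GET["value"]) ? $_GET["value"] : '';


/*
 * Actions
 *
 * NOTE(review): every branch below changes configuration in response to a plain GET
 * request, and the only authorisation check visible in this file is $user->admin.
 * Whether main.inc.php enforces an anti-CSRF token is not visible here - confirm, and
 * prefer POST plus a per-session token for these state changes.
 */

if ($action === 'setgeneraterule')
{
    // NOTE(review): "value" is stored as received from the query string. This page later
    // compares USER_PASSWORD_GENERATED with the ids of the generator modules it loads, so
    // restricting the value to those ids is worth considering. Whether dolibarr_set_const()
    // escapes its arguments is not visible from this file.
    if (! dolibarr_set_const($db, 'USER_PASSWORD_GENERATED', $value, 'chaine', 0, '', $conf->entity))
    {
        dol_print_error($db);
    }
    else
    {
        // Fixed target, like every other branch, instead of the request-derived PHP_SELF.
        header("Location: security.php");
        exit;
    }
}

if ($action === 'activate_encrypt')
{
    $error=0;

    // The flag and the conversion of all stored passwords are committed together or not at all.
    $db->begin();

    // Same failure test as the 'setgeneraterule' branch uses for dolibarr_set_const().
    if (! dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1", 'chaine', 0, '', $conf->entity))
    {
        dol_print_error($db);
        $error++;
    }

    if (! $error)
    {
        // Rows whose "pass" column is shorter than 32 characters are treated as clear text.
        // NOTE(review): a clear-text password of 32 characters or more does not match this
        // filter and therefore stays in "pass" unconverted.
        $sql = "SELECT u.rowid, u.pass, u.pass_crypted";
        $sql.= " FROM ".MAIN_DB_PREFIX."user as u";
        $sql.= " WHERE u.pass IS NOT NULL AND LENGTH(u.pass) < 32";    // Not a MD5 value

        $resql=$db->query($sql);
        if ($resql)
        {
            $numrows=$db->num_rows($resql);
            for ($i = 0; $i < $numrows; $i++)
            {
                $obj=$db->fetch_object($resql);
                if (! $obj)
                {
                    dol_print_error($db);
                    $error++;
                    break;
                }

                // NOTE(review): unsalted MD5 is not a password hashing function. Replacing it
                // also requires changing the login verification code, which is outside this file.
                $hash = md5($obj->pass);

                // $hash is hexadecimal; the row id is cast so that only an integer reaches the query.
                $sql = "UPDATE ".MAIN_DB_PREFIX."user";
                $sql.= " SET pass_crypted = '".$hash."', pass = NULL";
                $sql.= " WHERE rowid=".((int) $obj->rowid);

                if (! $db->query($sql))
                {
                    dol_print_error($db);
                    $error++;
                    break;
                }
            }
        }
        else
        {
            // A failed SELECT must count as an error: otherwise the flag would be committed
            // while the clear-text passwords are still in place.
            dol_print_error($db);
            $error++;
        }
    }

    if (! $error)
    {
        $db->commit();
        header("Location: security.php");
        exit;
    }
    else
    {
        $db->rollback();
        dol_print_error($db,'');
    }
}
else if ($action === 'disable_encrypt')
{
    // Do not allow "disable encryption" as passwords cannot be decrypted
    if ($allow_disable_encryption)
    {
        dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED",$conf->entity);
    }
    header("Location: security.php");
    exit;
}

// Encoding of the database password stored in the configuration file.
// No database constant is written for this setting.
// NOTE(review): when encodedecode_dbpassconf() does not succeed, the database password
// (encoded, or in clear text in the second branch) is placed in $mesg and printed in the
// page. Whether $langs->trans() HTML-escapes its arguments is not visible here - confirm,
// and consider not sending the password to the browser at all.
// The surrounding markup of both messages is not visible in this copy of the file; the
// strings are kept as they appear in it.
if ($action === 'activate_encryptdbpassconf')
{
    $result = encodedecode_dbpassconf(1);
    if ($result > 0)
    {
        header("Location: security.php");
        exit;
    }
    else
    {
        $mesg="\n".$langs->trans('InstrucToEncodePass',dol_encode($dolibarr_main_db_pass))."\n";
    }
}
else if ($action === 'disable_encryptdbpassconf')
{
    $result = encodedecode_dbpassconf(0);
    if ($result > 0)
    {
        header("Location: security.php");
        exit;
    }
    else
    {
        $mesg="\n".$langs->trans('InstrucToClearPass',$dolibarr_main_db_pass)."\n";
    }
}

// Protection and encryption of generated PDF files.
if ($action === 'activate_pdfsecurity')
{
    dolibarr_set_const($db, "PDF_SECURITY_ENCRYPTION", "1",'chaine',0,'',$conf->entity);
    header("Location: security.php");
    exit;
}
else if ($action === 'disable_pdfsecurity')
{
    dolibarr_del_const($db, "PDF_SECURITY_ENCRYPTION",$conf->entity);
    header("Location: security.php");
    exit;
}

// "Forget password" link on the logon page.
if ($action === 'activate_MAIN_SECURITY_DISABLEFORGETPASSLINK')
{
    dolibarr_set_const($db, "MAIN_SECURITY_DISABLEFORGETPASSLINK", '1','chaine',0,'',$conf->entity);
    header("Location: security.php");
    exit;
}
else if ($action === 'disable_MAIN_SECURITY_DISABLEFORGETPASSLINK')
{
    dolibarr_del_const($db, "MAIN_SECURITY_DISABLEFORGETPASSLINK",$conf->entity);
    header("Location: security.php");
    exit;
}


/*
 * View
 */

$html = new Form($db);

llxHeader('',$langs->trans("Passwords"));

print_fiche_titre($langs->trans("SecuritySetup"),'','setup');

if ($mesg) print $mesg."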
\n"; print $langs->trans("GeneratedPasswordDesc")."
\n"; print "
\n"; $head=security_prepare_head(); dol_fiche_head($head, 'passwords', $langs->trans("Security")); $var=false; // Choix du gestionnaire du generateur de mot de passe print '
'; print ''; print ''; print ''; print ''; // Charge tableau des modules generation $dir = "../includes/modules/security/generate"; clearstatcache(); $handle=opendir($dir); $i=1; if (is_resource($handle)) { while (($file = readdir($handle))!==false) { if (preg_match('/(modGeneratePass[a-z]+)\.class\.php/i',$file,$reg)) { // Chargement de la classe de numerotation $classname = $reg[1]; require_once($dir.'/'.$file); $obj = new $classname($db,$conf,$langs,$user); $arrayhandler[$obj->id]=$obj; $i++; } } closedir($handle); } print ''; print ''; print ''; print ''; print ''; print ''; foreach ($arrayhandler as $key => $module) { // Show modules according to features level if ($module->version == 'development' && $conf->global->MAIN_FEATURES_LEVEL < 2) continue; if ($module->version == 'experimental' && $conf->global->MAIN_FEATURES_LEVEL < 1) continue; if ($module->isEnabled()) { $var = !$var; print ''; // Show example of numbering module print ''."\n"; print '\n"; } } print '
'.$langs->trans("RuleForGeneratedPasswords").''.$langs->trans("Example").''.$langs->trans("Activated").'
'; print ucfirst($key); print "\n"; print $module->getDescription().'
'; print $langs->trans("MinLength").': '.$module->length; print '
'; $tmp=$module->getExample(); if (preg_match('/^Error/',$tmp)) print $langs->trans($tmp); else print $tmp; print ''; if ($conf->global->USER_PASSWORD_GENERATED == $key) { print img_picto('','tick'); } else { print ''.$langs->trans("Activate").''; } print "
'; print '
'; // Cryptage mot de passe print '
'; $var=true; print "
"; print ''; print ""; print ''; print ''; print ''; print ''; print ''; print ''; // Disable clear password in database $var=!$var; print ""; print ''; print ''; if (! $conf->global->DATABASE_PWD_ENCRYPTED) { print '"; } if($conf->global->DATABASE_PWD_ENCRYPTED) { print '"; } print ""; print ''; // Cryptage du mot de base de la base dans conf.php $var=!$var; print ""; print ''; print ''; print '"; print ""; print ''; // Encryption et protection des PDF $var=!$var; print ""; print ''; print ''; print '"; print ""; print ''; // Disable link "Forget password" on logon $var=!$var; print ""; print ''; print ''; if ($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 0) { print '"; } if($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 1) { print '"; } print ""; print ''; print '
'.$langs->trans("Parameters").''.$langs->trans("Activated").''.$langs->trans("Action").'
'.$langs->trans("DoNotStoreClearPassword").''; if ($conf->global->DATABASE_PWD_ENCRYPTED) { print img_picto($langs->trans("Active"),'tick'); } print ''; print ''.$langs->trans("Activate").''; print "'; if ($allow_disable_encryption) { //On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas etre decodes //Do not allow "disable encryption" as passwords cannot be decrypted print ''.$langs->trans("Disable").''; } else { print '-'; } print "
'.$langs->trans("MainDbPasswordFileConfEncrypted").''; if (preg_match('/crypted:/i',$dolibarr_main_db_pass) || ! empty($dolibarr_main_db_encrypted_pass)) { print img_picto($langs->trans("Active"),'tick'); } print ''; if (empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) { $langs->load("errors"); print img_warning($langs->trans("WarningPassIsEmpty")); } else { if (empty($dolibarr_main_db_encrypted_pass)) { print ''.$langs->trans("Activate").''; } if (! empty($dolibarr_main_db_encrypted_pass)) { print ''.$langs->trans("Disable").''; } } print "
'; $text = $langs->trans("ProtectAndEncryptPdfFiles"); $desc = $html->textwithpicto($text,$langs->transnoentities("ProtectAndEncryptPdfFilesDesc"),1); print $desc; print ''; if($conf->global->PDF_SECURITY_ENCRYPTION == 1) { print img_picto($langs->trans("Active"),'tick'); } print ''; if ($conf->global->PDF_SECURITY_ENCRYPTION == 0) { print ''.$langs->trans("Activate").''; } if($conf->global->PDF_SECURITY_ENCRYPTION == 1) { print ''.$langs->trans("Disable").''; } print "
'.$langs->trans("DisableForgetPasswordLinkOnLogonPage").''; if($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 1) { print img_picto($langs->trans("Active"),'tick'); } print ''; print ''.$langs->trans("Activate").''; print "'; print ''.$langs->trans("Disable").''; print "
'; print '
'; //print ''; print ''; $db->close(); llxFooter(); ?>