fix for 0004292: Sign-up sends a password for LDAP

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@3011 f5dc347c-c33d-0410-90a0-b07cc1902cb9
mantisbt · Sep 28, 2004 · 39644ad · 39644ad
1 parent dc2db73
commit 39644ad
Show file tree

Hide file tree

Showing 7 changed files with 63 additions and 14 deletions.
diff --git a/account_page.php b/account_page.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: account_page.php,v 1.47 2004-08-14 15:26:19 thraxisp Exp $
+	# $Id: account_page.php,v 1.48 2004-09-28 13:57:28 thraxisp Exp $
 	# --------------------------------------------------------
 
 	# CALLERS
@@ -77,7 +77,7 @@
 		</td>
 	</tr>
 
-<?php if ( $t_ldap ) { ?> <!-- With LDAP -->
+<?php if ( !helper_call_custom_function( 'auth_can_change_password', array() ) ) { ?> <!-- With LDAP -->
 
 	<!-- Username -->
 	<tr class="row-1">
@@ -91,9 +91,11 @@
 
 	<!-- Password -->
 	<tr class="row-2">
-		<td colspan="2">
-			The password settings are controlled by your LDAP entry,<br />
-			hence cannot be edited here.
+		<td class="category">
+			<?php echo lang_get( 'password' ) ?>
+		</td>
+		<td>
+			<?php echo lang_get( 'no_password_change' ) ?>
 		</td>
 	</tr>
 

diff --git a/core/custom_function_api.php b/core/custom_function_api.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: custom_function_api.php,v 1.7 2004-08-27 00:29:55 thraxisp Exp $
+	# $Id: custom_function_api.php,v 1.8 2004-09-28 13:57:38 thraxisp Exp $
 	# --------------------------------------------------------
 
 	### Custom Function API ###
@@ -113,4 +113,17 @@ function custom_function_default_issue_delete_validate( $p_issue_id ) {
 	# issue before it was deleted.
 	function custom_function_default_issue_delete_notify( $p_issue_data ) {
 	}
+
+	# --------------------
+	# Hook for authentication
+	# can Mantis update the password
+	function custom_function_default_auth_can_change_password( ) {
+		$t_can_change = array( PLAIN, CRYPT, CRYPT_FULL_SALT, MD5 );
+		if ( in_array( config_get( 'login_method' ), $t_can_change ) ) {
+			return true;
+		}else{
+			return false;
+		}
+	}
+
 ?>
diff --git a/doc/ChangeLog b/doc/ChangeLog
@@ -19,6 +19,7 @@ Mantis ChangeLog
 - 0004383: [localization] Editing a note has language specific note at end of note (bpfennig)
 - 0004526: [other] Spaces needed after colons on main page (vboctor)
 - 0004558: [custom fields] Custom Fields doesn't display links (bpfennig)
+- New Custom Function: auth_can_change_password - returns true if Mantis can change the password
 - New Config: $g_display_errors - controlls error handler display
 - New Config: $g_reopen_bug_threshold - access level needed to re-open bugs
 - Removed config option ($g_show_notices, $g_show_warnings): subsumed into $g_display_errors

diff --git a/lang/strings_english.txt b/lang/strings_english.txt
@@ -9,11 +9,11 @@
 	###########################################################################
 	# English strings for Mantis
 	# -------------------------------------------------
-	# $Revision: 1.213 $
+	# $Revision: 1.214 $
 	# $Author: thraxisp $
-	# $Date: 2004-09-26 02:31:28 $
+	# $Date: 2004-09-28 13:57:38 $
 	#
-	# $Id: strings_english.txt,v 1.213 2004-09-26 02:31:28 thraxisp Exp $
+	# $Id: strings_english.txt,v 1.214 2004-09-28 13:57:38 thraxisp Exp $
 	###########################################################################
 ?>
 <?php
@@ -341,6 +341,7 @@ $s_username = 'Username';
 $s_realname = 'Real Name';
 $s_email = 'Email';
 $s_password = 'Password';
+$s_no_password_change = 'The password is controlled by another system, hence cannot be edited here.';
 $s_confirm_password = 'Confirm Password';
 $s_access_level = 'Access Level';
 $s_update_user_button = 'Update User';
@@ -854,6 +855,7 @@ $s_signup_captcha_request = 'Enter the code as it is shown in the box on the rig
 $s_signup_info = 'On completion of this form and verification of your answers, you will be sent a confirmation email to the email address you specified.<br/>Using the confirmation email, you will be able to activate your account. If you fail to activate your account within seven days, it will be purged.<br/>You must specify a valid email address in order to receive the account confirmation email.';
 $s_signup_title = 'Signup';
 $s_signup_button = 'Signup';
+$s_no_password_request = 'Your password is managed by another system. Please contact your system administrator.';
 
 # site_settings_edit_page.php
 $s_edit_site_settings_title = 'Edit Site Settings';

diff --git a/lost_pwd_page.php b/lost_pwd_page.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: lost_pwd_page.php,v 1.1 2004-08-14 15:26:20 thraxisp Exp $
+	# $Id: lost_pwd_page.php,v 1.2 2004-09-28 13:57:37 thraxisp Exp $
 	# --------------------------------------------------------
 
 	# --------------------------------------------------------
@@ -35,6 +35,10 @@
 		<?php echo lang_get( 'lost_password_title' ) ?>
 	</td>
 </tr>
+<?php
+		$t_allow_passwd = helper_call_custom_function( 'auth_can_change_password', array() );
+  if ( $t_allow_passwd ) {
+?>
 <tr class="row-1">
 	<td class="category" width="25%">
 		<?php echo lang_get( 'username' ) ?>
@@ -63,6 +67,20 @@
 		<input type="submit" class="button" value="<?php echo lang_get( 'submit_button' ) ?>" />
 	</td>
 </tr>
+<?php
+  }else{
+?>
+<tr>
+	<td colspan="2">
+		<br/>
+		<?php echo lang_get( 'no_password_request' ) ?>
+		<br/><br/>
+	</td>
+</tr>
+<?php
+  }
+?>
+
 </table>
 </form>
 </div>

diff --git a/signup.php b/signup.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: signup.php,v 1.37 2004-08-15 22:21:53 thraxisp Exp $
+	# $Id: signup.php,v 1.38 2004-09-28 13:57:37 thraxisp Exp $
 	# --------------------------------------------------------
 
 	require_once( 'core.php' );
@@ -30,7 +30,8 @@
 		exit;
 	}
 
-	if( ON == config_get( 'signup_use_captcha' ) && get_gd_version() > 0 ) {
+	if( ON == config_get( 'signup_use_captcha' ) && get_gd_version() > 0 	&& 
+				helper_call_custom_function( 'auth_can_change_password', array() ) ) {
 		# captcha image requires GD library and related option to ON
 		$t_key = strtolower( substr( md5( config_get( 'password_confirm_hash_magic_string' ) . $f_public_key ), 1, 5) );
 

diff --git a/signup_page.php b/signup_page.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: signup_page.php,v 1.29 2004-08-14 15:26:20 thraxisp Exp $
+	# $Id: signup_page.php,v 1.30 2004-09-28 13:57:37 thraxisp Exp $
 	# --------------------------------------------------------
 
 	require_once( 'core.php' );
@@ -48,7 +48,8 @@
 	</td>
 </tr>
 <?php
-	if( ON == config_get( 'signup_use_captcha' ) && get_gd_version() > 0 ) {
+	$t_allow_passwd = helper_call_custom_function( 'auth_can_change_password', array() );
+	if( ON == config_get( 'signup_use_captcha' ) && get_gd_version() > 0 && ( true == $t_allow_passwd ) ) {
 		# captcha image requires GD library and related option to ON
 ?>
 <tr class="row-1">
@@ -63,6 +64,17 @@
 		<input type="hidden" name="public_key" value="<?php echo $t_key ?>">
 	</td>
 </tr>
+<?php
+	}
+	if( false == $t_allow_passwd ) {
+?>
+<tr class="row-1">
+	<td class="category">
+	</td>
+	<td colspan="2">
+		<?php echo lang_get( 'no_password_request' ) ?>
+	</td>
+</tr>
 <?php
 	}
 ?>