* @website: http://technology.mattrude.com/2010/11/ldap-php-change-password-webpage/ * * * GNU GENERAL PUBLIC LICENSE * Version 2, June 1991 * * Copyright (C) 1989, 1991 Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * Everyone is permitted to copy and distribute verbatim copies * of this license document, but changing it is not allowed. */ $message = array(); $message_css = ""; function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){ global $message; global $message_css; $server = "ldaps://ldap.immae.eu"; error_reporting(0); $con = ldap_connect($server); ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3); $user_dn = "uid=$user,ou=users,dc=immae,dc=eu"; if (ldap_bind($con, $user_dn, $oldPassword) === false) { $user_dn = "uid=$user,ou=group_users,dc=immae,dc=eu"; if (ldap_bind($con, $user_dn, $oldPassword) === false) { $message[] = "Error E101 - Current Username or Password is wrong."; return false; } } if ($newPassword != $newPasswordCnf ) { $message[] = "Error E102 - Your New passwords do not match!"; return false; } if (strlen($newPassword) < 6 ) { $message[] = "Error E103 - Your new password is too short.
Your password must be at least 6 characters long."; return false; } $salt = substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',4)),0,4); $encoded_newPassword = "{SSHA}" . base64_encode(pack("H*", sha1($newPassword.$salt)).$salt); $user_search = ldap_search($con,"dc=immae,dc=eu","(uid=$user)"); $auth_entry = ldap_first_entry($con, $user_search); $mail_addresses = ldap_get_values($con, $auth_entry, "mail"); $given_names = ldap_get_values($con, $auth_entry, "givenName"); $mail_address = $mail_addresses[0]; $first_name = $given_names[0]; /* And Finally, Change the password */ $entry = array(); $entry["userPassword"] = "$encoded_newPassword"; if (ldap_modify($con,$user_dn,$entry) === false){ $error = ldap_error($con); $errno = ldap_errno($con); $message[] = "E201 - Your password cannot be changed, please contact the administrator."; $message[] = "$errno - $error"; } else { $message_css = "yes"; mail($mail_address,"Password change notice","Dear $first_name, Your password on https://tools.immae.eu/ldap_password.php for account $user was just changed. If you did not make this change, please contact me. If you were the one who changed your password, you may disregard this message. Thanks -- Immae / Ismaƫl", "From: " . getenv("CONTACT_EMAIL")); $message[] = "The password for $user has been changed.
An informational email has been sent to $mail_address.
Your new password is now fully active."; } } ?> Password Change Page

Password Change Page

'; changePassword($_POST['username'],$_POST['oldPassword'],$_POST['newPassword1'],$_POST['newPassword2']); global $message_css; if ($message_css == "yes") { echo '
'; } else { echo '
'; $message[] = "Your password was not changed."; } foreach ( $message as $one ) { echo "

$one

"; } ?>