gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2024-11-26 15:32:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

improve password expiration

Browse Source
This commit is contained in:
Uwe Steinmann 2023-03-29 20:57:48 +02:00
parent 382e78855d
commit 476c726a45
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
inc/inc.Authentication.php
View File

@ -103,14 +103,14 @@ if(file_exists($settings->_rootDir . "view/".$theme."/languages/" . $lang . "/la
/* Check if password needs to be changed because it expired. If it needs
* to be changed redirect to out/out.ForcePasswordChange.php. Do this
* check only if password expiration is turned on, we are not on the
* page to change the password or the page that changes the password,
* it is not admin, and there is currently no user substitution */
* page to change the password or the page that changes the password, the
* current user is not admin, and no user substitution has occured. */
if (!$user->isAdmin()) {
if(!$resArr['su'] && $settings->_passwordExpiration > 0) {
if (!$user->isAdmin() && !$resArr['su']) {
if($settings->_passwordExpiration > 0) {
if(basename($_SERVER['SCRIPT_NAME']) != 'out.ForcePasswordChange.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.EditUserData.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.Logout.php') {
$pwdexp = $user->getPwdExpiration();
if(substr($pwdexp, 0, 10) != '0000-00-00') {
if($pwdexp && substr($pwdexp, 0, 10) != '0000-00-00') {
$pwdexpts = strtotime($pwdexp); // + $pwdexp*86400;
if($pwdexpts > 0 && $pwdexpts < time()) {
header("Location: ../out/out.ForcePasswordChange.php");