From 0baacefd19b7d78ab2c31d947109dec82a17f1cd Mon Sep 17 00:00:00 2001 From: Till Brehm <tbrehm@ispconfig.org> Date: Mon, 25 Aug 2014 14:32:20 -0400 Subject: [PATCH] FS#3641 - Add option to disable the password reset function --- interface/web/login/password_reset.php | 5 +++++ security/README.txt | 4 ++++ interface/web/login/templates/index.htm | 2 +- interface/web/login/index.php | 9 +++++++++ security/security_settings.ini | 1 + 5 files changed, 20 insertions(+), 1 deletions(-) diff --git a/interface/web/login/index.php b/interface/web/login/index.php index 48d3af6..4cb2e3e 100644 --- a/interface/web/login/index.php +++ b/interface/web/login/index.php @@ -325,6 +325,15 @@ $error = '<div class="box box_error"><h1>Error</h1>'.$error.'</div>'; } + $app->load('getconf'); + + $security_config = $app->getconf->get_security_config('permissions'); + if($security_config['password_reset_allowed'] == 'yes') { + $app->tpl->setVar('pw_lost_show', 1); + } else { + $app->tpl->setVar('pw_lost_show', 0); + } + $app->tpl->setVar('error', $error); $app->tpl->setVar('pw_lost_txt', $app->lng('pw_lost_txt')); $app->tpl->setVar('username_txt', $app->lng('username_txt')); diff --git a/interface/web/login/password_reset.php b/interface/web/login/password_reset.php index e29b163..c466ac8 100644 --- a/interface/web/login/password_reset.php +++ b/interface/web/login/password_reset.php @@ -31,6 +31,11 @@ require_once '../../lib/config.inc.php'; require_once '../../lib/app.inc.php'; +$app->load('getconf'); + +$security_config = $app->getconf->get_security_config('permissions'); +if($security_config['password_reset_allowed'] != 'yes') die('Password reset function has been disabled.'); + // Loading the template $app->uses('tpl'); $app->tpl->newTemplate("form.tpl.htm"); diff --git a/interface/web/login/templates/index.htm b/interface/web/login/templates/index.htm index 3fbd278..bcdd8bd 100644 --- a/interface/web/login/templates/index.htm +++ b/interface/web/login/templates/index.htm @@ -35,7 +35,7 @@ <div class="buttonHolder buttons"> <button class="positive iconstxt icoKey" type="button" value="{tmpl_var name='add_new_record_txt'}" onclick="submitLoginForm('pageForm');"><span>{tmpl_var name='login_button_txt'}</span></button> - <button class="negative iconstxt icoKey" type="button" value="{tmpl_var name='pw_lost_txt'}" onclick="loadContent('login/password_reset.php');"><span>{tmpl_var name='pw_lost_txt'}</span></button> + <tmpl_if name="pw_lost_show"><button class="negative iconstxt icoKey" type="button" value="{tmpl_var name='pw_lost_txt'}" onclick="loadContent('login/password_reset.php');"><span>{tmpl_var name='pw_lost_txt'}</span></button></tmpl_if> </div> </div> diff --git a/security/README.txt b/security/README.txt index b68f647..b42cbaa 100644 --- a/security/README.txt +++ b/security/README.txt @@ -69,6 +69,10 @@ Options: yes/no Description: Disables the remote API +Setting: password_reset_allowed +Options: yes/no +Description: Disables the password reset function. + Setting: ids_enabled Options: yes/no Description: Enables the Intrusion Detection System diff --git a/security/security_settings.ini b/security/security_settings.ini index 85d0433..4b4327a 100644 --- a/security/security_settings.ini +++ b/security/security_settings.ini @@ -15,6 +15,7 @@ admin_allow_software_packages=superadmin admin_allow_software_repo=superadmin remote_api_allowed=yes +password_reset_allowed=yes [ids] ids_enabled=yes -- Gitblit v1.9.1