ilSecuritySettings Class Reference

Singleton class that stores all security settings. More...

Collaboration diagram for ilSecuritySettings:

Public Member Functions
	getSecuritySettingsRefId ()
	setPasswordCharsAndNumbersEnabled ($a_chars_and_numbers_enabled)
	set if the passwords have to contain characters and numbers More...
	isPasswordCharsAndNumbersEnabled ()
	get boolean if the passwords have to contain characters and numbers More...
	setPasswordSpecialCharsEnabled ($a_password_special_chars_enabled)
	set if the passwords have to contain special characters More...
	isPasswordSpecialCharsEnabled ()
	get boolean if the passwords have to contain special characters More...
	setPasswordMinLength ($a_password_min_length)
	set the minimum length for passwords More...
	getPasswordMinLength ()
	get the minimum length for passwords More...
	setPasswordMaxLength ($a_password_max_length)
	set the maximum length for passwords More...
	getPasswordMaxLength ()
	get the maximum length for passwords More...
	setPasswordMaxAge ($a_password_max_age)
	set the maximum password age More...
	getPasswordMaxAge ()
	get the maximum password age More...
	setLoginMaxAttempts ($a_login_max_attempts)
	set the maximum count of login attempts More...
	getLoginMaxAttempts ()
	get the maximum count of login attempts More...
	setHTTPSEnabled ($value)
	Enable https for certain scripts. More...
	isHTTPSEnabled ()
	read access to https enabled property More...
	setPasswordChangeOnFirstLoginEnabled ($a_password_change_on_first_login_enabled)
	set if the passwords have to be changed by users on first login More...
	isPasswordChangeOnFirstLoginEnabled ()
	get boolean if the passwords have to be changed by users on first login More...
	isAdminRoleProtected ()
	Check if admin role is protected. More...
	protectedAdminRole ($a_stat)
	Set admin role protection status. More...
	checkAdminRoleAccessible ($a_usr_id)
	Check if the administrator role is accessible for a specific user. More...
	save ()
	Save settings. More...
	validate (ilPropertyFormGUI $a_form=null)
	validate settings More...
	isPreventionOfSimultaneousLoginsEnabled ()
	Prevention of simultaneous logins with the same account. More...
	setPreventionOfSimultaneousLogins ($value)
	Enable/Disable prevention of simultaneous logins with the same account. More...
	setPasswordNumberOfUppercaseChars ($password_ucase_chars_num)
	Set number of uppercase characters required. More...
	getPasswordNumberOfUppercaseChars ()
	Returns number of uppercase characters required. More...
	setPasswordNumberOfLowercaseChars ($password_lcase_chars_num)
	Set number of lowercase characters required. More...
	getPasswordNumberOfLowercaseChars ()
	Returns number of lowercase characters required. More...
	setPasswordMustNotContainLoginnameStatus ($status)
	Set whether the password must not contain the loginname or not. More...
	getPasswordMustNotContainLoginnameStatus ()
	Return whether the password must not contain the loginname or not. More...

Static Public Member Functions
static	_getInstance ()
	Get instance of ilSecuritySettings. More...

Data Fields
const	SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH = 4
const	SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH = 5
const	SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE = 6
const	SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS = 7
const	SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1 = 11
const	SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 = 8
const	SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 = 9
const	SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH = 10
const	DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED = true
const	DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED = false
const	DEFAULT_PASSWORD_MIN_LENGTH = 8
const	DEFAULT_PASSWORD_MAX_LENGTH = 0
const	DEFAULT_PASSWORD_MAX_AGE = 90
const	DEFAULT_LOGIN_MAX_ATTEMPTS = 5
const	DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED = false
const	DEFAULT_PREVENT_SIMULTANEOUS_LOGINS = false

Static Public Attributes
static	$SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS = 1
static	$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE = 2
static	$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE = 3

Private Member Functions
	__construct ()
	Private constructor: use _getInstance() More...
	read ()
	read settings More...

Private Attributes
	$db
	$settings
	$https_enable
	$password_chars_and_numbers_enabled = self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED
	$password_special_chars_enabled = self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED
	$password_min_length = self::DEFAULT_PASSWORD_MIN_LENGTH
	$password_max_length = self::DEFAULT_PASSWORD_MAX_LENGTH
	$password_max_age = self::DEFAULT_PASSWORD_MAX_AGE
	$password_ucase_chars_num = 0
	$password_lcase_chars_num = 0
	$login_max_attempts = self::DEFAULT_LOGIN_MAX_ATTEMPTS
	$password_must_not_contain_loginname = false
	$password_change_on_first_login_enabled = self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
	$prevent_simultaneous_logins = self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS
	$protect_admin_role = false

Static Private Attributes
static	$instance = null

Detailed Description

Singleton class that stores all security settings.

Author

Roland Küstermann rolan.nosp@m.d@ku.nosp@m.ester.nosp@m.mann.nosp@m..com

Version

$Id$

/

Definition at line 34 of file class.ilSecuritySettings.php.

Constructor & Destructor Documentation

__construct()

ilSecuritySettings::__construct ( )

private

Private constructor: use _getInstance()

@access private

Parameters

Definition at line 87 of file class.ilSecuritySettings.php.

    {
        global $ilSetting,$ilDB;
 
        $this->db = $ilDB;
        $this->settings = $ilSetting;
 
        $this->read();
    }

References $ilDB, $ilSetting, read(), and settings().

Here is the call graph for this function:

Member Function Documentation

_getInstance()

static ilSecuritySettings::_getInstance ( )

static

Get instance of ilSecuritySettings.

Returns

ilSecuritySettings instance @access public

Definition at line 104 of file class.ilSecuritySettings.php.

    {
        if (is_object(self::$instance)) {
            return self::$instance;
        }
        return self::$instance = new ilSecuritySettings();
    }

References $instance.

Referenced by ilObjSystemFolderGUI\addToExternalSettingsForm(), ilObjRoleFolderGUI\addToExternalSettingsForm(), ilObjUserFolderGUI\addToExternalSettingsForm(), ilAuthFrontend\checkExceededLoginAttempts(), ilAuthBase\failedLoginObserver(), ilObjUserFolderGUI\generalSettingsObject(), ilUtil\generatePasswords(), ilUtil\getPasswordRequirementsInfo(), ilAuthFrontend\handleAuthenticationFail(), ilAuthFrontend\handleAuthenticationSuccess(), ilObjSystemFolderGUI\initHTTPSForm(), ilObjRoleFolderGUI\initSettingsForm(), ilUtil\isPassword(), ilObjUser\isPasswordChangeDemanded(), ilObjUser\isPasswordExpired(), ilUtil\isPasswordValidForUserContext(), ilAuthBase\loginObserver(), ilObjUserGUI\roleassignmentObject(), ilObjUserFolderGUI\saveGeneralSettingsObject(), ilObjSystemFolderGUI\saveHTTPSObject(), ilObjRoleFolderGUI\saveSettingsObject(), ilObjPrivacySecurityGUI\showSecurity(), and ilObjRoleGUI\userassignmentObject().

Here is the caller graph for this function:

checkAdminRoleAccessible()

ilSecuritySettings::checkAdminRoleAccessible

(

$a_usr_id

)

Check if the administrator role is accessible for a specific user.

Parameters

int

$a_usr_id

Definition at line 311 of file class.ilSecuritySettings.php.

    {
        global $rbacreview;
         
        if (!$this->isAdminRoleProtected()) {
            return true;
        }
        if ($rbacreview->isAssigned($a_usr_id, SYSTEM_ROLE_ID)) {
            return true;
        }
        return false;
    }

References isAdminRoleProtected().

Here is the call graph for this function:

getLoginMaxAttempts()

ilSecuritySettings::getLoginMaxAttempts

(

)

get the maximum count of login attempts

Returns

integer password max login attempts

Definition at line 240 of file class.ilSecuritySettings.php.

    {
        return $this->login_max_attempts;
    }

References $login_max_attempts.

Referenced by save(), and validate().

Here is the caller graph for this function:

getPasswordMaxAge()

ilSecuritySettings::getPasswordMaxAge

(

)

get the maximum password age

Returns

integer password max age

Definition at line 220 of file class.ilSecuritySettings.php.

    {
        return $this->password_max_age;
    }

References $password_max_age.

Referenced by save(), and validate().

Here is the caller graph for this function:

getPasswordMaxLength()

ilSecuritySettings::getPasswordMaxLength

(

)

get the maximum length for passwords

Returns

integer password max length

Definition at line 200 of file class.ilSecuritySettings.php.

    {
        return $this->password_max_length;
    }

References $password_max_length.

Referenced by save(), and validate().

Here is the caller graph for this function:

getPasswordMinLength()

ilSecuritySettings::getPasswordMinLength

(

)

get the minimum length for passwords

Returns

integer password min length

Definition at line 180 of file class.ilSecuritySettings.php.

    {
        return $this->password_min_length;
    }

References $password_min_length.

Referenced by save(), and validate().

Here is the caller graph for this function:

getPasswordMustNotContainLoginnameStatus()

ilSecuritySettings::getPasswordMustNotContainLoginnameStatus

(

)

Return whether the password must not contain the loginname or not.

Parameters

boolean

Definition at line 578 of file class.ilSecuritySettings.php.

    {
        return $this->password_must_not_contain_loginname;
    }

References $password_must_not_contain_loginname.

Referenced by save().

Here is the caller graph for this function:

getPasswordNumberOfLowercaseChars()

ilSecuritySettings::getPasswordNumberOfLowercaseChars

(

)

Returns number of lowercase characters required.

Returns

integer

Definition at line 560 of file class.ilSecuritySettings.php.

    {
        return $this->password_lcase_chars_num;
    }

References $password_lcase_chars_num.

Referenced by save(), and validate().

Here is the caller graph for this function:

getPasswordNumberOfUppercaseChars()

ilSecuritySettings::getPasswordNumberOfUppercaseChars

(

)

Returns number of uppercase characters required.

Returns

integer

Definition at line 542 of file class.ilSecuritySettings.php.

    {
        return $this->password_ucase_chars_num;
    }

References $password_ucase_chars_num.

Referenced by save(), and validate().

Here is the caller graph for this function:

getSecuritySettingsRefId()

ilSecuritySettings::getSecuritySettingsRefId

(

)

Definition at line 112 of file class.ilSecuritySettings.php.

    {
        return $this->ref_id;
    }

isAdminRoleProtected()

ilSecuritySettings::isAdminRoleProtected

(

)

Check if admin role is protected.

Returns

type

Definition at line 293 of file class.ilSecuritySettings.php.

    {
        return (bool) $this->protect_admin_role;
    }

References $protect_admin_role.

Referenced by checkAdminRoleAccessible(), and save().

Here is the caller graph for this function:

isHTTPSEnabled()

ilSecuritySettings::isHTTPSEnabled

(

)

read access to https enabled property

Returns

boolean true, if enabled, false otherwise

Definition at line 260 of file class.ilSecuritySettings.php.

    {
        return $this->https_enable;
    }

References $https_enable.

Referenced by save(), and validate().

Here is the caller graph for this function:

isPasswordChangeOnFirstLoginEnabled()

ilSecuritySettings::isPasswordChangeOnFirstLoginEnabled

(

)

get boolean if the passwords have to be changed by users on first login

Returns

boolean password change on first login enabled

Definition at line 284 of file class.ilSecuritySettings.php.

    {
        return $this->password_change_on_first_login_enabled;
    }

References $password_change_on_first_login_enabled.

Referenced by save().

Here is the caller graph for this function:

isPasswordCharsAndNumbersEnabled()

ilSecuritySettings::isPasswordCharsAndNumbersEnabled

(

)

get boolean if the passwords have to contain characters and numbers

Returns

boolean characters and numbers enabled

Definition at line 136 of file class.ilSecuritySettings.php.

    {
        return $this->password_chars_and_numbers_enabled;
    }

References $password_chars_and_numbers_enabled.

Referenced by save(), and validate().

Here is the caller graph for this function:

isPasswordSpecialCharsEnabled()

ilSecuritySettings::isPasswordSpecialCharsEnabled

(

)

get boolean if the passwords have to contain special characters

Returns

boolean password special chars enabled

Definition at line 160 of file class.ilSecuritySettings.php.

    {
        return $this->password_special_chars_enabled;
    }

References $password_special_chars_enabled.

Referenced by save(), and validate().

Here is the caller graph for this function:

isPreventionOfSimultaneousLoginsEnabled()

ilSecuritySettings::isPreventionOfSimultaneousLoginsEnabled

(

)

Prevention of simultaneous logins with the same account.

Returns

boolean true, if prevention of simultaneous logins with the same account is enabled, false otherwise

Definition at line 514 of file class.ilSecuritySettings.php.

    {
        return (bool) $this->prevent_simultaneous_logins;
    }

References $prevent_simultaneous_logins.

Referenced by save().

Here is the caller graph for this function:

protectedAdminRole()

ilSecuritySettings::protectedAdminRole

(

$a_stat

)

Set admin role protection status.

Parameters

type

$a_stat

Definition at line 302 of file class.ilSecuritySettings.php.

    {
        $this->protect_admin_role = $a_stat;
    }

read()

ilSecuritySettings::read ( )

private

read settings

@access private

Parameters

Definition at line 354 of file class.ilSecuritySettings.php.

    {
        global $ilDB;
 
        $query = "SELECT object_reference.ref_id FROM object_reference,tree,object_data " .
                "WHERE tree.parent = " . $ilDB->quote(SYSTEM_FOLDER_ID, 'integer') . " " .
                "AND object_data.type = 'ps' " .
                "AND object_reference.ref_id = tree.child " .
                "AND object_reference.obj_id = object_data.obj_id";
        $res = $this->db->query($query);
        $row = $res->fetchRow(ilDBConstants::FETCHMODE_ASSOC);
        $this->ref_id = $row["ref_id"];
 
        $this->https_enable = (boolean) $this->settings->get('https', false);
 
        $this->password_chars_and_numbers_enabled = (bool) $this->settings->get('ps_password_chars_and_numbers_enabled', self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED);
        $this->password_special_chars_enabled = (bool) $this->settings->get('ps_password_special_chars_enabled', self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED);
        $this->password_min_length = (int) $this->settings->get('ps_password_min_length', self::DEFAULT_PASSWORD_MIN_LENGTH);
        $this->password_max_length = (int) $this->settings->get('ps_password_max_length', self::DEFAULT_PASSWORD_MAX_LENGTH);
        $this->password_max_age = (int) $this->settings->get('ps_password_max_age', self::DEFAULT_PASSWORD_MAX_AGE);
        $this->login_max_attempts = (int) $this->settings->get('ps_login_max_attempts', self::DEFAULT_LOGIN_MAX_ATTEMPTS);
        $this->password_ucase_chars_num = (int) $this->settings->get('ps_password_uppercase_chars_num', 0);
        $this->password_lcase_chars_num = (int) $this->settings->get('ps_password_lowercase_chars_num', 0);
        $this->password_must_not_contain_loginname = $this->settings->get('ps_password_must_not_contain_loginame', 0) == '1' ? true : false;
 
        $this->password_change_on_first_login_enabled = (bool) $this->settings->get('ps_password_change_on_first_login_enabled', self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED);
        $this->prevent_simultaneous_logins = (bool) $this->settings->get('ps_prevent_simultaneous_logins', self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS);
        
        $this->protect_admin_role = (bool) $this->settings->get('ps_protect_admin', $this->protect_admin_role);
    }

References $ilDB, $query, $res, $row, ilDBConstants\FETCHMODE_ASSOC, and settings().

Referenced by __construct().

Here is the call graph for this function:

Here is the caller graph for this function:

save()

ilSecuritySettings::save

(

)

Save settings.

Definition at line 329 of file class.ilSecuritySettings.php.

    {
        $this->settings->set('https', (int) $this->isHTTPSEnabled());
        
        $this->settings->set('ps_password_chars_and_numbers_enabled', (bool) $this->isPasswordCharsAndNumbersEnabled());
        $this->settings->set('ps_password_special_chars_enabled', (bool) $this->isPasswordSpecialCharsEnabled());
        $this->settings->set('ps_password_min_length', (int) $this->getPasswordMinLength());
        $this->settings->set('ps_password_max_length', (int) $this->getPasswordMaxLength());
        $this->settings->set('ps_password_max_age', (int) $this->getPasswordMaxAge());
        $this->settings->set('ps_login_max_attempts', (int) $this->getLoginMaxAttempts());
        $this->settings->set('ps_password_uppercase_chars_num', (int) $this->getPasswordNumberOfUppercaseChars());
        $this->settings->set('ps_password_lowercase_chars_num', (int) $this->getPasswordNumberOfLowercaseChars());
        $this->settings->set('ps_password_must_not_contain_loginame', (int) $this->getPasswordMustNotContainLoginnameStatus());
 
        $this->settings->set('ps_password_change_on_first_login_enabled', (bool) $this->isPasswordChangeOnFirstLoginEnabled());
        $this->settings->set('ps_prevent_simultaneous_logins', (int) $this->isPreventionOfSimultaneousLoginsEnabled());
        $this->settings->set('ps_protect_admin', (int) $this->isAdminRoleProtected());
    }

References getLoginMaxAttempts(), getPasswordMaxAge(), getPasswordMaxLength(), getPasswordMinLength(), getPasswordMustNotContainLoginnameStatus(), getPasswordNumberOfLowercaseChars(), getPasswordNumberOfUppercaseChars(), isAdminRoleProtected(), isHTTPSEnabled(), isPasswordChangeOnFirstLoginEnabled(), isPasswordCharsAndNumbersEnabled(), isPasswordSpecialCharsEnabled(), isPreventionOfSimultaneousLoginsEnabled(), and settings().

Here is the call graph for this function:

setHTTPSEnabled()

ilSecuritySettings::setHTTPSEnabled

(

$value

)

Enable https for certain scripts.

Parameters

boolean

$value

Definition at line 250 of file class.ilSecuritySettings.php.

    {
        $this->https_enable = $value;
    }

setLoginMaxAttempts()

ilSecuritySettings::setLoginMaxAttempts

(

$a_login_max_attempts

)

set the maximum count of login attempts

Parameters

integer

$a_login_max_attempts

Definition at line 230 of file class.ilSecuritySettings.php.

    {
        $this->login_max_attempts = $a_login_max_attempts;
    }

setPasswordChangeOnFirstLoginEnabled()

ilSecuritySettings::setPasswordChangeOnFirstLoginEnabled

(

$a_password_change_on_first_login_enabled

)

set if the passwords have to be changed by users on first login

Parameters

boolean

$a_password_change_on_first_login_enabled

Definition at line 272 of file class.ilSecuritySettings.php.

    {
        $this->password_change_on_first_login_enabled = $a_password_change_on_first_login_enabled;
    }

setPasswordCharsAndNumbersEnabled()

ilSecuritySettings::setPasswordCharsAndNumbersEnabled

(

$a_chars_and_numbers_enabled

)

set if the passwords have to contain characters and numbers

Parameters

boolean

$a_chars_and_numbers_enabled

Definition at line 124 of file class.ilSecuritySettings.php.

    {
        $this->password_chars_and_numbers_enabled = $a_chars_and_numbers_enabled;
    }

setPasswordMaxAge()

ilSecuritySettings::setPasswordMaxAge

(

$a_password_max_age

)

set the maximum password age

Parameters

integer

$a_password_max_age

Definition at line 210 of file class.ilSecuritySettings.php.

    {
        $this->password_max_age = $a_password_max_age;
    }

setPasswordMaxLength()

ilSecuritySettings::setPasswordMaxLength

(

$a_password_max_length

)

set the maximum length for passwords

Parameters

integer

$a_password_max_length

Definition at line 190 of file class.ilSecuritySettings.php.

    {
        $this->password_max_length = $a_password_max_length;
    }

setPasswordMinLength()

ilSecuritySettings::setPasswordMinLength

(

$a_password_min_length

)

set the minimum length for passwords

Parameters

integer

$a_password_min_length

Definition at line 170 of file class.ilSecuritySettings.php.

    {
        $this->password_min_length = $a_password_min_length;
    }

setPasswordMustNotContainLoginnameStatus()

ilSecuritySettings::setPasswordMustNotContainLoginnameStatus

(

$status

)

Set whether the password must not contain the loginname or not.

Parameters

boolean

Definition at line 569 of file class.ilSecuritySettings.php.

    {
        $this->password_must_not_contain_loginname = $status;
    }

setPasswordNumberOfLowercaseChars()

ilSecuritySettings::setPasswordNumberOfLowercaseChars

(

$password_lcase_chars_num

)

Set number of lowercase characters required.

Parameters

integer

Definition at line 551 of file class.ilSecuritySettings.php.

    {
        $this->password_lcase_chars_num = $password_lcase_chars_num;
    }

References $password_lcase_chars_num.

setPasswordNumberOfUppercaseChars()

ilSecuritySettings::setPasswordNumberOfUppercaseChars

(

$password_ucase_chars_num

)

Set number of uppercase characters required.

Parameters

integer

Definition at line 533 of file class.ilSecuritySettings.php.

    {
        $this->password_ucase_chars_num = $password_ucase_chars_num;
    }

References $password_ucase_chars_num.

setPasswordSpecialCharsEnabled()

ilSecuritySettings::setPasswordSpecialCharsEnabled

(

$a_password_special_chars_enabled

)

set if the passwords have to contain special characters

Parameters

boolean

$a_password_special_chars_enabled

Definition at line 148 of file class.ilSecuritySettings.php.

    {
        $this->password_special_chars_enabled = $a_password_special_chars_enabled;
    }

setPreventionOfSimultaneousLogins()

ilSecuritySettings::setPreventionOfSimultaneousLogins

(

$value

)

Enable/Disable prevention of simultaneous logins with the same account.

Parameters

boolean

$value

Definition at line 524 of file class.ilSecuritySettings.php.

    {
        $this->prevent_simultaneous_logins = (bool) $value;
    }

validate()

ilSecuritySettings::validate

(

ilPropertyFormGUI

$a_form = null

)

validate settings

Returns

0, if everything is ok, an error code otherwise

Definition at line 390 of file class.ilSecuritySettings.php.

    {
        $code = null;
        
        if ($a_form) {
            include_once "Services/PrivacySecurity/classes/class.ilObjPrivacySecurityGUI.php";
        }
 
        include_once './Services/Http/classes/class.ilHTTPS.php';
 
        if ($this->isHTTPSEnabled()) {
            if (!ilHTTPS::_checkHTTPS()) {
                $code = ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE;
                if (!$a_form) {
                    return $code;
                } else {
                    $a_form->getItemByPostVar('https_enabled')
                           ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
                }
            }
        }
        
        if ($this->getPasswordMinLength() < 0) {
            $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH;
            if (!$a_form) {
                return $code;
            } else {
                $a_form->getItemByPostVar('password_min_length')
                        ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
            }
        }
 
        if ($this->getPasswordMaxLength() < 0) {
            $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH;
            if (!$a_form) {
                return $code;
            } else {
                $a_form->getItemByPostVar('password_max_length')
                        ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
            }
        }
 
        $password_min_length = 1;
 
        if ($this->getPasswordNumberOfUppercaseChars() > 0 || $this->getPasswordNumberOfLowercaseChars() > 0) {
            $password_min_length = 0;
            if ($this->getPasswordNumberOfUppercaseChars() > 0) {
                $password_min_length += $this->getPasswordNumberOfUppercaseChars();
            }
            if ($this->getPasswordNumberOfLowercaseChars() > 0) {
                $password_min_length += $this->getPasswordNumberOfLowercaseChars();
            }
            $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1;
        }
 
        if ($this->isPasswordCharsAndNumbersEnabled()) {
            $password_min_length++;
            $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2;
 
            if ($this->isPasswordSpecialCharsEnabled()) {
                $password_min_length++;
                $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
            }
        } elseif ($password_min_length > 1 && $this->isPasswordSpecialCharsEnabled()) {
            $password_min_length++;
            $password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
        }
 
        if ($this->getPasswordMinLength() > 0 && $this->getPasswordMinLength() < $password_min_length) {
            $code = $password_min_length_error_code;
            if (!$a_form) {
                return $code;
            } else {
                $a_form->getItemByPostVar('password_min_length')
                        ->setAlert(sprintf(ilObjPrivacySecurityGUI::getErrorMessage($code), $password_min_length));
            }
        }
        if ($this->getPasswordMaxLength() > 0 && $this->getPasswordMaxLength() < $this->getPasswordMinLength()) {
            $code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH;
            if (!$a_form) {
                return $code;
            } else {
                $a_form->getItemByPostVar('password_max_length')
                        ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
            }
        }
 
        if ($this->getPasswordMaxAge() < 0) {
            $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE;
            if (!$a_form) {
                return $code;
            } else {
                $a_form->getItemByPostVar('password_max_age')
                        ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
            }
        }
 
        if ($this->getLoginMaxAttempts() < 0) {
            $code = self::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS;
            if (!$a_form) {
                return $code;
            } else {
                $a_form->getItemByPostVar('login_max_attempts')
                        ->setAlert(ilObjPrivacySecurityGUI::getErrorMessage($code));
            }
        }
 
        /*
         * todo: have to check for local auth if first login password change is enabled??
         * than: add errorcode
         */
 
        if (!$a_form) {
            return 0;
        } else {
            return !(bool) $code;
        }
    }

References $code, $password_min_length, $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE, ilHTTPS\_checkHTTPS(), ilObjPrivacySecurityGUI\getErrorMessage(), getLoginMaxAttempts(), getPasswordMaxAge(), getPasswordMaxLength(), getPasswordMinLength(), getPasswordNumberOfLowercaseChars(), getPasswordNumberOfUppercaseChars(), isHTTPSEnabled(), isPasswordCharsAndNumbersEnabled(), isPasswordSpecialCharsEnabled(), SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3, and sprintf.

Here is the call graph for this function:

Field Documentation

$db

ilSecuritySettings::$db

private

Definition at line 50 of file class.ilSecuritySettings.php.

$https_enable

ilSecuritySettings::$https_enable

private

Definition at line 53 of file class.ilSecuritySettings.php.

Referenced by isHTTPSEnabled().

$instance

ilSecuritySettings::$instance = null

staticprivate

Definition at line 49 of file class.ilSecuritySettings.php.

Referenced by _getInstance().

$login_max_attempts

ilSecuritySettings::$login_max_attempts = self::DEFAULT_LOGIN_MAX_ATTEMPTS

private

Definition at line 72 of file class.ilSecuritySettings.php.

Referenced by getLoginMaxAttempts().

$password_change_on_first_login_enabled

ilSecuritySettings::$password_change_on_first_login_enabled = self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED

private

Definition at line 75 of file class.ilSecuritySettings.php.

Referenced by isPasswordChangeOnFirstLoginEnabled().

$password_chars_and_numbers_enabled

ilSecuritySettings::$password_chars_and_numbers_enabled = self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED

private

Definition at line 65 of file class.ilSecuritySettings.php.

Referenced by isPasswordCharsAndNumbersEnabled().

$password_lcase_chars_num

ilSecuritySettings::$password_lcase_chars_num = 0

private

Definition at line 71 of file class.ilSecuritySettings.php.

Referenced by getPasswordNumberOfLowercaseChars(), and setPasswordNumberOfLowercaseChars().

$password_max_age

ilSecuritySettings::$password_max_age = self::DEFAULT_PASSWORD_MAX_AGE

private

Definition at line 69 of file class.ilSecuritySettings.php.

Referenced by getPasswordMaxAge().

$password_max_length

ilSecuritySettings::$password_max_length = self::DEFAULT_PASSWORD_MAX_LENGTH

private

Definition at line 68 of file class.ilSecuritySettings.php.

Referenced by getPasswordMaxLength().

$password_min_length

ilSecuritySettings::$password_min_length = self::DEFAULT_PASSWORD_MIN_LENGTH

private

Definition at line 67 of file class.ilSecuritySettings.php.

Referenced by getPasswordMinLength(), and validate().

$password_must_not_contain_loginname

ilSecuritySettings::$password_must_not_contain_loginname = false

private

Definition at line 73 of file class.ilSecuritySettings.php.

Referenced by getPasswordMustNotContainLoginnameStatus().

$password_special_chars_enabled

ilSecuritySettings::$password_special_chars_enabled = self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED

private

Definition at line 66 of file class.ilSecuritySettings.php.

Referenced by isPasswordSpecialCharsEnabled().

$password_ucase_chars_num

ilSecuritySettings::$password_ucase_chars_num = 0

private

Definition at line 70 of file class.ilSecuritySettings.php.

Referenced by getPasswordNumberOfUppercaseChars(), and setPasswordNumberOfUppercaseChars().

$prevent_simultaneous_logins

ilSecuritySettings::$prevent_simultaneous_logins = self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS

private

Definition at line 76 of file class.ilSecuritySettings.php.

Referenced by isPreventionOfSimultaneousLoginsEnabled().

$protect_admin_role

ilSecuritySettings::$protect_admin_role = false

private

Definition at line 78 of file class.ilSecuritySettings.php.

Referenced by isAdminRoleProtected().

$SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS = 1

static

Definition at line 36 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages().

$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE = 2

static

Definition at line 37 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages().

$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE = 3

static

Definition at line 38 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

$settings

ilSecuritySettings::$settings

private

Definition at line 51 of file class.ilSecuritySettings.php.

DEFAULT_LOGIN_MAX_ATTEMPTS

const ilSecuritySettings::DEFAULT_LOGIN_MAX_ATTEMPTS = 5

Definition at line 60 of file class.ilSecuritySettings.php.

DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED = false

Definition at line 62 of file class.ilSecuritySettings.php.

DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED = true

Definition at line 55 of file class.ilSecuritySettings.php.

DEFAULT_PASSWORD_MAX_AGE

const ilSecuritySettings::DEFAULT_PASSWORD_MAX_AGE = 90

Definition at line 59 of file class.ilSecuritySettings.php.

DEFAULT_PASSWORD_MAX_LENGTH

const ilSecuritySettings::DEFAULT_PASSWORD_MAX_LENGTH = 0

Definition at line 58 of file class.ilSecuritySettings.php.

DEFAULT_PASSWORD_MIN_LENGTH

const ilSecuritySettings::DEFAULT_PASSWORD_MIN_LENGTH = 8

Definition at line 57 of file class.ilSecuritySettings.php.

DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED

const ilSecuritySettings::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED = false

Definition at line 56 of file class.ilSecuritySettings.php.

DEFAULT_PREVENT_SIMULTANEOUS_LOGINS

const ilSecuritySettings::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS = false

Definition at line 63 of file class.ilSecuritySettings.php.

SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS = 7

Definition at line 43 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE = 6

Definition at line 42 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH = 5

Definition at line 41 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH = 4

Definition at line 40 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH = 10

Definition at line 47 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN1 = 11

Definition at line 44 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 = 8

Definition at line 45 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 = 9

Definition at line 46 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\initErrorMessages(), and validate().

---

The documentation for this class was generated from the following file:

• Services/PrivacySecurity/classes/class.ilSecuritySettings.php