alecpl
16 years ago
parent
2dbc2d787a
commit
6bd74d8d51
@ -0,0 +1,159 @@
|
||||
-----------------------------------------------------------------------
|
||||
Password Plugin for Roundcube
|
||||
-----------------------------------------------------------------------
|
||||
|
||||
Plugin that adds a possibility to change user password using many
|
||||
methods (drivers) via Settings/Password tab.
|
||||
|
||||
-----------------------------------------------------------------------
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License version 2
|
||||
as published by the Free Software Foundation.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along
|
||||
with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
|
||||
@version 1.2
|
||||
@author Aleksander 'A.L.E.C' Machniak <alec@alec.pl>
|
||||
@author <see driver files for driver authors>
|
||||
-----------------------------------------------------------------------
|
||||
|
||||
1. Configuration
|
||||
2. Drivers
|
||||
2.1. Database (sql)
|
||||
2.2. Cyrus/SASL (sasl)
|
||||
3. Driver API
|
||||
|
||||
|
||||
1. Configuration
|
||||
----------------
|
||||
|
||||
* See config.inc.php file.
|
||||
|
||||
|
||||
2. Drivers
|
||||
----------
|
||||
|
||||
Password plugin supports many password change mechanisms which are
|
||||
handled by included drivers. Just pass driver name in 'password_driver' option.
|
||||
|
||||
|
||||
2.1. Database (sql)
|
||||
-------------------
|
||||
|
||||
You can specify which database to connect by 'password_db_dsn' option and
|
||||
what SQL query to execute by 'password_query'. See main.inc.php file for
|
||||
more info.
|
||||
|
||||
Example implementations of an update_passwd function:
|
||||
|
||||
- This is for use with LMS (http://lms.org.pl) database and postgres:
|
||||
|
||||
CREATE OR REPLACE FUNCTION update_passwd(hash text, account text) RETURNS integer AS $$
|
||||
DECLARE
|
||||
res integer;
|
||||
BEGIN
|
||||
UPDATE passwd SET password = hash
|
||||
WHERE login = split_part(account, '@', 1)
|
||||
AND domainid = (SELECT id FROM domains WHERE name = split_part(account, '@', 2))
|
||||
RETURNING id INTO res;
|
||||
RETURN res;
|
||||
END;
|
||||
$$ LANGUAGE plpgsql SECURITY DEFINER;
|
||||
|
||||
- This is for use with a SELECT update_passwd(%o,%c,%u) query
|
||||
Updates the password only when the old password matches the MD5 password
|
||||
in the database
|
||||
|
||||
CREATE FUNCTION update_password (oldpass text, cryptpass text, user text) RETURNS text
|
||||
MODIFIES SQL DATA
|
||||
BEGIN
|
||||
DECLARE currentsalt varchar(20);
|
||||
DECLARE error text;
|
||||
SET error = 'incorrect current password';
|
||||
SELECT substring_index(substr(user.password,4),_latin1'$',1) INTO currentsalt FROM users WHERE username=user;
|
||||
SELECT '' INTO error FROM users WHERE username=user AND password=ENCRYPT(oldpass,currentsalt);
|
||||
UPDATE users SET password=cryptpass WHERE username=user AND password=ENCRYPT(oldpass,currentsalt);
|
||||
RETURN error;
|
||||
END
|
||||
|
||||
Example SQL UPDATEs:
|
||||
|
||||
- Plain text passwords:
|
||||
UPDATE users SET password=%p WHERE username=%u AND password=%o AND domain=%h LIMIT 1
|
||||
|
||||
- Crypt text passwords:
|
||||
UPDATE users SET password=%c WHERE username=%u LIMIT 1
|
||||
|
||||
- Use a MYSQL crypt function (*nix only) with random 8 character salt
|
||||
UPDATE users SET password=ENCRYPT(%p,concat(_utf8'$1$',right(md5(rand()),8),_utf8'$')) WHERE username=%u LIMIT 1
|
||||
|
||||
- MD5 stored passwords:
|
||||
UPDATE users SET password=MD5(%p) WHERE username=%u AND password=MD5(%o) LIMIT 1
|
||||
|
||||
|
||||
2.2. Cyrus/SASL (sasl)
|
||||
----------------------
|
||||
|
||||
Cyrus SASL database authentication allows your Cyrus+RoundCube
|
||||
installation to host mail users without requiring a Unix Shell account!
|
||||
|
||||
This driver only covers the "sasldb" case when using Cyrus SASL. Kerberos
|
||||
and PAM authentication mechanisms will require other techniques to enable
|
||||
user password manipulations.
|
||||
|
||||
Cyrus SASL includes a shell utility called "saslpasswd" for manipulating
|
||||
user passwords in the "sasldb" database. This plugin attempts to use
|
||||
this utility to perform password manipulations required by your webmail
|
||||
users without any administrative interaction. Unfortunately, this
|
||||
scheme requires that the "saslpasswd" utility be run as the "cyrus"
|
||||
user - kind of a security problem since we have chosen to SUID a small
|
||||
script which will allow this to happen.
|
||||
|
||||
This driver is based on the Squirrelmail Change SASL Password Plugin.
|
||||
See http://www.squirrelmail.org/plugin_view.php?id=107 for details.
|
||||
|
||||
Installation:
|
||||
|
||||
Edit the chgsaslpasswd.c and chgsaslpasswd.sh files as is documented
|
||||
within them.
|
||||
|
||||
Compile the wrapper program:
|
||||
gcc -o chgsaslpasswd chgsaslpasswd.c
|
||||
|
||||
Chown the chgsaslpasswd and chgsaslpasswd.sh to the cyrus user and group
|
||||
that your browser runs as, then chmod them to 4550.
|
||||
|
||||
For example, if your cyrus user is 'cyrus' and the apache server group is
|
||||
'nobody' (I've been told Redhat runs Apache as user 'apache'):
|
||||
|
||||
chown cyrus:nobody chgsaslpasswd
|
||||
chmod 4550 chgsaslpasswd
|
||||
|
||||
Stephen Carr has suggested users should try to run the scripts on a test
|
||||
account as the cyrus user eg;
|
||||
|
||||
su cyrus -c "./chgsaslpasswd -p test_account"
|
||||
|
||||
This will allow you to make sure that the script will work for your setup.
|
||||
Should the script not work, make sure that:
|
||||
1) the user the script runs as has access to the saslpasswd|saslpasswd2
|
||||
file and proper permissions
|
||||
2) make sure the user in the chgsaslpasswd.c file is set correctly.
|
||||
This could save you some headaches if you are the paranoid type.
|
||||
|
||||
|
||||
3. Driver API
|
||||
-------------
|
||||
|
||||
Driver file (<driver_name>.php) must define 'password_save' function with
|
||||
two arguments. First - current password, second - new password. Function
|
||||
may return PASSWORD_SUCCESS on success or PASSWORD_ERROR on any error.
|
||||
See existing drivers in drivers/ directory for examples.
|
||||
|
||||
@ -0,0 +1,31 @@
|
||||
<?php
|
||||
|
||||
// Password Plugin options
|
||||
// -----------------------
|
||||
// A driver to use for password change. Default: "sql".
|
||||
$rcmail_config['password_driver'] = 'sql';
|
||||
|
||||
// Determine whether current password is required to change password.
|
||||
// Default: false.
|
||||
$rcmail_config['password_confirm_current'] = false;
|
||||
|
||||
|
||||
// SQL Driver options
|
||||
// ------------------
|
||||
// PEAR database DSN for performing the query. By default
|
||||
// Roundcube DB settings are used.
|
||||
$rcmail_config['password_db_dsn'] = '';
|
||||
|
||||
// The SQL query used to change the password.
|
||||
// The query can contain the following macros that will be expanded as follows:
|
||||
// %p is replaced with the plaintext new password
|
||||
// %c is replaced with the crypt version of the new password, MD5 if available
|
||||
// otherwise DES.
|
||||
// %u is replaced with the username (from the session info)
|
||||
// %o is replaced with the password before the change
|
||||
// %h is replaced with the imap host (from the session info)
|
||||
// Escaping of macros is handled by this module.
|
||||
// Default: "SELECT update_passwd(%c, %u)"
|
||||
$rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)';
|
||||
|
||||
?>
|
||||
@ -0,0 +1,41 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* SASL Password Driver
|
||||
*
|
||||
* Driver that adds functionality to change the users Cyrus/SASL password.
|
||||
* The code is derrived from the Squirrelmail "Change SASL Password" Plugin
|
||||
* by Galen Johnson.
|
||||
*
|
||||
* It only works with saslpasswd2 on the same host where RoundCube runs
|
||||
* and requires shell access and gcc in order to compile the binary.
|
||||
*
|
||||
* For installation instructions please read the README file.
|
||||
*
|
||||
* @version 1.0
|
||||
* @author Thomas Bruederli
|
||||
*/
|
||||
|
||||
function password_save($currpass, $newpass)
|
||||
{
|
||||
$curdir = realpath(dirname(__FILE__));
|
||||
$username = escapeshellcmd($_SESSION['username']);
|
||||
|
||||
if ($fh = popen("$curdir/chgsaslpasswd -p $username", 'w')) {
|
||||
fwrite($fh, $newpass."\n");
|
||||
$code = pclose($fh);
|
||||
|
||||
if($code == 0)
|
||||
return PASSWORD_SUCCESS;
|
||||
} else
|
||||
raise_error(array(
|
||||
'code' => 600,
|
||||
'type' => 'php',
|
||||
'file' = __FILE__,
|
||||
'message' => "Password plugin: Unable to execute $curdir/chgsaslpasswd"
|
||||
), true, false);
|
||||
|
||||
return PASSWORD_ERROR;
|
||||
}
|
||||
|
||||
?>
|
||||
@ -0,0 +1,66 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* SQL Password Driver
|
||||
*
|
||||
* Driver for passwords stored in SQL database
|
||||
*
|
||||
* @version 1.0
|
||||
* @author Aleksander 'A.L.E.C' Machniak <alec@alec.pl>
|
||||
*
|
||||
*/
|
||||
|
||||
function password_save($curpass, $passwd)
|
||||
{
|
||||
$rcmail = rcmail::get_instance();
|
||||
|
||||
if (!($sql = $rcmail->config->get('password_query')))
|
||||
$sql = 'SELECT update_passwd(%c, %u)';
|
||||
|
||||
if ($dsn = $rcmail->config->get('password_db_dsn')) {
|
||||
$db = new rcube_mdb2($dsn, '', FALSE);
|
||||
$db->set_debug((bool)$rcmail->config->get('sql_debug'));
|
||||
$db->db_connect('w');
|
||||
} else {
|
||||
$db = $rcmail->get_dbh();
|
||||
}
|
||||
|
||||
if ($err = $db->is_error())
|
||||
return PASSWORD_ERROR;
|
||||
|
||||
if (strpos($sql, '%c') !== FALSE) {
|
||||
$salt = '';
|
||||
if (CRYPT_MD5) {
|
||||
$len = rand(3, CRYPT_SALT_LENGTH);
|
||||
} else if (CRYPT_STD_DES) {
|
||||
$len = 2;
|
||||
} else {
|
||||
return PASSWORD_CRYPT_ERROR;
|
||||
}
|
||||
for ($i = 0; $i < $len ; $i++) {
|
||||
$salt .= chr(rand(ord('.'), ord('z')));
|
||||
}
|
||||
$sql = str_replace('%c', $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql);
|
||||
}
|
||||
|
||||
$sql = str_replace('%u', $db->quote($_SESSION['username'],'text'), $sql);
|
||||
$sql = str_replace('%p', $db->quote($passwd,'text'), $sql);
|
||||
$sql = str_replace('%o', $db->quote($curpass,'text'), $sql);
|
||||
$sql = str_replace('%h', $db->quote($_SESSION['imap_host'],'text'), $sql);
|
||||
|
||||
$res = $db->query($sql);
|
||||
|
||||
if (!$db->is_error()) {
|
||||
if (strtolower(substr(trim($query),0,6))=='select') {
|
||||
if ($result = $db->fetch_array($res))
|
||||
return PASSWORD_SUCCESS;
|
||||
} else {
|
||||
if ($db->affected_rows($res) == 1)
|
||||
return PASSWORD_SUCCESS; // This is the good case: 1 row updated
|
||||
}
|
||||
}
|
||||
|
||||
return PASSWORD_ERROR;
|
||||
}
|
||||
|
||||
?>
|
||||
@ -1,65 +0,0 @@
|
||||
+-------------------------------------------------------------------------+
|
||||
|
|
||||
| Author: Thomas Bruederli
|
||||
| Source: Squirrelmail Change SASL Password Plugin by Galen Johnson
|
||||
| Program: sasl_password
|
||||
| Version: 1.0
|
||||
| Purpose: Change Cyrus Account Passwords
|
||||
|
|
||||
+-------------------------------------------------------------------------+
|
||||
|
||||
|
||||
Purpose
|
||||
-------
|
||||
Cyrus SASL database authentication allows your Cyrus+RoundCube
|
||||
installation to host mail users without requiring a Unix Shell account!
|
||||
|
||||
This plugin only covers the "sasldb" case when using Cyrus SASL. Kerberos
|
||||
and PAM authentication mechanisms will require other techniques to enable
|
||||
user password manipulations.
|
||||
|
||||
Cyrus SASL includes a shell utility called "saslpasswd" for manipulating
|
||||
user passwords in the "sasldb" database. This patch attempts to use
|
||||
this utility to perform password manipulations required by your webmail
|
||||
users without any administrative interaction. Unfortunately, this
|
||||
scheme requires that the "saslpasswd" utility be run as the "cyrus"
|
||||
user - kind of a security problem since we have chosen to SUID a small
|
||||
script which will allow this to happen.
|
||||
|
||||
This plugin is based on the Squirrelmail Change SASL Password Plugin.
|
||||
See http://www.squirrelmail.org/plugin_view.php?id=107 for details.
|
||||
|
||||
|
||||
Installation
|
||||
------------
|
||||
Install just like any other plugin, just put it in the plugin directory
|
||||
and activate it by adding 'sasl_password' to the list of active plugins
|
||||
in config/main.inc.php
|
||||
|
||||
Edit the chgsaslpasswd.c and chgsaslpasswd.sh files as is documented
|
||||
within them.
|
||||
|
||||
Compile the wrapper program:
|
||||
gcc -o chgsaslpasswd chgsaslpasswd.c
|
||||
|
||||
Chown the chgsaslpasswd and chgsaslpasswd.sh to the cyrus user and group
|
||||
that your browser runs as, then chmod them to 4550.
|
||||
|
||||
For example, if your cyrus user is 'cyrus' and the apache server group is
|
||||
'nobody' (I've been told Redhat runs Apache as user 'apache'):
|
||||
|
||||
chown cyrus:nobody chgsaslpasswd
|
||||
chmod 4550 chgsaslpasswd
|
||||
|
||||
Stephen Carr has suggested users should try to run the scripts on a test
|
||||
account as the cyrus user eg;
|
||||
|
||||
su cyrus -c "./chgsaslpasswd -p test_account"
|
||||
|
||||
This will allow you to make sure that the script will work for your setup.
|
||||
Should the script not work, make sure that:
|
||||
1) the user the script runs as has access to the saslpasswd|saslpasswd2
|
||||
file and proper permissions
|
||||
2) make sure the user in the chgsaslpasswd.c file is set correctly.
|
||||
This could save you some headaches if you are the paranoid type.
|
||||
|
||||
@ -1,27 +0,0 @@
|
||||
#include <stdio.h>
|
||||
#include <unistd.h>
|
||||
|
||||
// set the UID this script will run as (cyrus user)
|
||||
#define UID 96
|
||||
// set the path to saslpasswd or saslpasswd2
|
||||
#define CMD "/usr/sbin/saslpasswd2"
|
||||
|
||||
/* INSTALLING:
|
||||
gcc -o chgsaslpasswd chgsaslpasswd.c
|
||||
chown root.apache chgsaslpasswd
|
||||
strip chgsaslpasswd
|
||||
chmod 4550 chgsaslpasswd
|
||||
*/
|
||||
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
int rc,cc;
|
||||
|
||||
cc = setuid(UID);
|
||||
rc = execvp(CMD, argv);
|
||||
if ((rc != 0) || (cc != 0))
|
||||
{
|
||||
fprintf(stderr,"__ %s: failed %d %d\n",argv[0],rc,cc);
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
@ -1,16 +0,0 @@
|
||||
<?php
|
||||
|
||||
$labels = array();
|
||||
$labels['changepasswd'] = 'Passwort ändern';
|
||||
$labels['curpasswd'] = 'Aktuelles Passwort';
|
||||
$labels['newpasswd'] = 'Neues Passwort';
|
||||
$labels['confpasswd'] = 'Passwort Wiederholung';
|
||||
|
||||
$messages = array();
|
||||
$messages['nopassword'] = "Bitte geben Sie ein neues Passwort ein";
|
||||
$messages['nocurpassword'] = "Bitte geben Sie Ihr aktuelles Passwort an";
|
||||
$messages['passwordincorrect'] = "Das aktuelle Passwort ist nicht korrekt";
|
||||
$messages['passwordinconsistency'] = "Das neue Passwort und dessen Wiederholung stimmen nicht überein";
|
||||
$messages['successfullysaved'] = "Ihr Passwort wurde erfolgreich geändert";
|
||||
|
||||
?>
|
||||
@ -1,16 +0,0 @@
|
||||
<?php
|
||||
|
||||
$labels = array();
|
||||
$labels['changepasswd'] = 'Change Password';
|
||||
$labels['curpasswd'] = 'Current Password:';
|
||||
$labels['newpasswd'] = 'New Password:';
|
||||
$labels['confpasswd'] = 'Confirm New Password:';
|
||||
|
||||
$messages = array();
|
||||
$messages['nopassword'] = "Please enter the new password";
|
||||
$messages['nocurpassword'] = "Please enter your current password";
|
||||
$messages['passwordincorrect'] = "Current password is incorrect";
|
||||
$messages['passwordinconsistency'] = "The new password and it's confirmation do not match";
|
||||
$messages['successfullysaved'] = "Successfully changed password";
|
||||
|
||||
?>
|
||||
@ -1,16 +0,0 @@
|
||||
<?php
|
||||
|
||||
$labels = array();
|
||||
$labels['changepasswd'] = 'Zmiana hasła';
|
||||
$labels['curpasswd'] = 'Aktualne hasło:';
|
||||
$labels['newpasswd'] = 'Nowe hasło:';
|
||||
$labels['confpasswd'] = 'Potwierdź hasło:';
|
||||
|
||||
$messages = array();
|
||||
$messages['nopassword'] = "Wprowadź nowe hasło";
|
||||
$messages['nocurpassword'] = "Wprowadź aktualne hasło";
|
||||
$messages['passwordincorrect'] = 'Błędne aktualne hasło, spróbuj ponownie.';
|
||||
$messages['passwordinconsistency'] = 'Hasła nie pasują, spróbuj ponownie.';
|
||||
$messages['successfullysaved'] = "Zapisano.";
|
||||
|
||||
?>
|
||||
@ -1,43 +0,0 @@
|
||||
/* SASL pssword change interface (tab) */
|
||||
|
||||
function sasl_password_save()
|
||||
{
|
||||
var input_curpasswd = $('#saslcurpasswd')[0];
|
||||
var input_newpasswd = $('#saslnewpasswd')[0];
|
||||
var input_confpasswd = $('#saslconfpasswd')[0];
|
||||
|
||||
if (input_curpasswd && input_curpasswd.value=='') {
|
||||
alert(rcmail.gettext('nocurpassword', 'sasl_password'));
|
||||
input_curpasswd.focus();
|
||||
}
|
||||
else if (input_newpasswd && input_newpasswd.value=='') {
|
||||
alert(rcmail.gettext('nopassword', 'sasl_password'));
|
||||
input_newpasswd.focus();
|
||||
}
|
||||
else if (input_confpasswd && input_confpasswd.value=='') {
|
||||
alert(rcmail.gettext('nopassword', 'sasl_password'));
|
||||
input_confpasswd.focus();
|
||||
}
|
||||
else if ((input_newpasswd && input_confpasswd) && (input_newpasswd.value != input_confpasswd.value)) {
|
||||
alert(rcmail.gettext('passwordinconsistency', 'sasl_password'));
|
||||
input_newpasswd.focus();
|
||||
}
|
||||
else {
|
||||
rcmail.gui_objects.passform.submit();
|
||||
}
|
||||
}
|
||||
|
||||
if (window.rcmail) {
|
||||
rcmail.addEventListener('init', function(evt) {
|
||||
// <span id="settingstabdefault" class="tablink"><roundcube:button command="preferences" type="link" label="preferences" title="editpreferences" /></span>
|
||||
var tab = $('<span>').attr('id', 'settingstabpluginsaslpassword').addClass('tablink');
|
||||
|
||||
var button = $('<a>').attr('href', rcmail.env.comm_path+'&_action=plugin.saslpassword').html(rcmail.gettext('password')).appendTo(tab);
|
||||
button.bind('click', function(e){ return rcmail.command('plugin.saslpassword', this) });
|
||||
|
||||
// add button and register commands
|
||||
rcmail.add_element(tab, 'tabs');
|
||||
rcmail.register_command('plugin.saslpassword', function() { rcmail.goto_url('plugin.saslpassword') }, true);
|
||||
rcmail.register_command('plugin.saslpassword-save', sasl_password_save, true);
|
||||
});
|
||||
}
|
||||
@ -1,146 +0,0 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Change SASL Password
|
||||
*
|
||||
* Plugin that adds functionality ty to change the users Cyrus/SASL password.
|
||||
* The code is derrived from the Squirrelmail "Change SASL Password" Plugin
|
||||
* by Galen Johnson.
|
||||
*
|
||||
* It only works with saslpasswd2 on the same host where RoundCube runs
|
||||
* and requires shell access and gcc in order to compile the binary.
|
||||
*
|
||||
* For installation instructions please read the README file.
|
||||
*
|
||||
* @version 1.0
|
||||
* @author Thomas Bruederli
|
||||
*/
|
||||
class sasl_password extends rcube_plugin
|
||||
{
|
||||
public $task = 'settings';
|
||||
|
||||
function init()
|
||||
{
|
||||
$rcmail = rcmail::get_instance();
|
||||
// add Tab label
|
||||
$rcmail->output->add_label('password');
|
||||
$this->register_action('plugin.saslpassword', array($this, 'password_init'));
|
||||
$this->register_action('plugin.saslpassword-save', array($this, 'password_save'));
|
||||
$this->include_script('sasl_password.js');
|
||||
}
|
||||
|
||||
function password_init()
|
||||
{
|
||||
$this->add_texts('locale/');
|
||||
$this->register_handler('plugin.body', array($this, 'password_form'));
|
||||
|
||||
$rcmail = rcmail::get_instance();
|
||||
$rcmail->output->set_pagetitle($this->gettext('changepasswd'));
|
||||
$rcmail->output->send('plugin');
|
||||
}
|
||||
|
||||
function password_save()
|
||||
{
|
||||
$rcmail = rcmail::get_instance();
|
||||
|
||||
$this->add_texts('locale/');
|
||||
$this->register_handler('plugin.body', array($this, 'password_form'));
|
||||
|
||||
if (!isset($_POST['_curpasswd']) || !isset($_POST['_newpasswd'])) {
|
||||
$rcmail->output->command('display_message', $this->gettext('nopassword'), 'error');
|
||||
}
|
||||
else {
|
||||
$curpwd = get_input_value('_curpasswd', RCUBE_INPUT_POST);
|
||||
$newpwd = get_input_value('_newpasswd', RCUBE_INPUT_POST);
|
||||
|
||||
if ($rcmail->decrypt($_SESSION['password']) != $curpwd) {
|
||||
$rcmail->output->command('display_message', $this->gettext('passwordincorrect'), 'error');
|
||||
}
|
||||
else if ($this->_save($newpwd)) {
|
||||
$rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
|
||||
$_SESSION['password'] = $rcmail->encrypt($newpwd);
|
||||
}
|
||||
else {
|
||||
$rcmail->output->command('display_message', $this->gettext('errorsaving'), 'error');
|
||||
}
|
||||
}
|
||||
|
||||
rcmail_overwrite_action('plugin.saslpassword');
|
||||
rcmail::get_instance()->output->send('plugin');
|
||||
}
|
||||
|
||||
function password_form()
|
||||
{
|
||||
$rcmail = rcmail::get_instance();
|
||||
|
||||
// add some labels to client
|
||||
$rcmail->output->add_label(
|
||||
'sasl_password.nopassword',
|
||||
'sasl_password.nocurpassword',
|
||||
'sasl_password.passwordinconsistency',
|
||||
'sasl_password.changepasswd'
|
||||
);
|
||||
|
||||
$table = new html_table(array('cols' => 2));
|
||||
|
||||
// show current password selection
|
||||
$field_id = 'saslcurpasswd';
|
||||
$input_newpasswd = new html_passwordfield(array('name' => '_curpasswd', 'id' => $field_id, 'size' => 25));
|
||||
|
||||
$table->add('title', html::label($field_id, Q($this->gettext('curpasswd'))));
|
||||
$table->add(null, $input_newpasswd->show());
|
||||
|
||||
// show new password selection
|
||||
$field_id = 'saslnewpasswd';
|
||||
$input_newpasswd = new html_passwordfield(array('name' => '_newpasswd', 'id' => $field_id, 'size' => 25));
|
||||
|
||||
$table->add('title', html::label($field_id, Q($this->gettext('newpasswd'))));
|
||||
$table->add(null, $input_newpasswd->show());
|
||||
|
||||
// show confirm password selection
|
||||
$field_id = 'saslconfpasswd';
|
||||
$input_confpasswd = new html_passwordfield(array('name' => '_confpasswd', 'id' => $field_id, 'size' => 25));
|
||||
|
||||
$table->add('title', html::label($field_id, Q($this->gettext('confpasswd'))));
|
||||
$table->add(null, $input_confpasswd->show());
|
||||
|
||||
$out = html::div(array('class' => "settingsbox", 'style' => "margin:0"),
|
||||
html::div(array('id' => "userprefs-title"), $this->gettext('changepasswd')) .
|
||||
html::div(array('style' => "padding:15px"), $table->show() .
|
||||
html::p(null,
|
||||
$rcmail->output->button(array(
|
||||
'command' => 'plugin.saslpassword-save',
|
||||
'type' => 'input',
|
||||
'class' => 'button mainaction',
|
||||
'label' => 'save'
|
||||
)))
|
||||
)
|
||||
);
|
||||
|
||||
$rcmail->output->add_gui_object('passform', 'password-form');
|
||||
|
||||
return $rcmail->output->form_tag(array(
|
||||
'id' => 'password-form',
|
||||
'name' => 'password-form',
|
||||
'method' => 'post',
|
||||
'action' => './?_task=settings&_action=plugin.saslpassword-save',
|
||||
), $out);
|
||||
}
|
||||
|
||||
private function _save($passwd)
|
||||
{
|
||||
$curdir = realpath(dirname(__FILE__));
|
||||
$username = escapeshellcmd($_SESSION['username']);
|
||||
$code = 1;
|
||||
|
||||
if ($fh = popen("$curdir/chgsaslpasswd -p $username", 'w')) {
|
||||
fwrite($fh, $passwd."\n");
|
||||
$code = pclose($fh);
|
||||
}
|
||||
|
||||
return ($code == 0);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
Loading…
Reference in New Issue