ebf9211b |
1 | <?php |
4b4abf93 |
2 | |
ebf9211b |
3 | /** |
4 | * Change password vmailmgrd backend |
5 | * |
d04cab42 |
6 | * Backend won't work, if vmail.inc file is not included. vmail.inc file |
7 | * should be part of your vmailmgr install. In some cases it is included in |
ebf9211b |
8 | * separate package. |
9 | * |
d04cab42 |
10 | * If you use modified vmail.inc, it must provide vchpass() function that |
11 | * acts same way as stock (vmailmgr v.0.96.9) vmail.inc function call |
12 | * and other vmail.inc functions should use same $vm_tcphost and |
ebf9211b |
13 | * $vm_tcphost_port globals as used by stock vm_daemon_raw() function call. |
d04cab42 |
14 | * If you have heavily modified vmail.inc and this backend does not work |
15 | * correctly - recheck, if you can reproduce your problem with stock |
ebf9211b |
16 | * vmail.inc or adjust backend configuration for your site. |
17 | * |
d04cab42 |
18 | * Backend also needs vmailmgrd service. You can find information about |
ebf9211b |
19 | * installing this service in vmailmgr FAQ and vmailmgrd.html. |
20 | * |
d04cab42 |
21 | * Backend might require functions, that are available only in SquirrelMail |
ebf9211b |
22 | * v.1.5.1 and v.1.4.4. |
23 | * |
4b4abf93 |
24 | * @author Tomas Kuliavas <tokul at users.sourceforge.net> |
30460a05 |
25 | * @copyright 2005-2009 The SquirrelMail Project Team |
4b4abf93 |
26 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
ebf9211b |
27 | * @version $Id$ |
28 | * @link http://www.vmailmgr.org vmailmgr site |
29 | * @package plugins |
30 | * @subpackage change_password |
31 | */ |
32 | |
a391f3af |
33 | /* Default backend configuration */ |
ebf9211b |
34 | |
35 | /** |
36 | * path to vmail.inc |
37 | * |
38 | * This variable must provide full path to vmail.inc file including filename. |
d04cab42 |
39 | * |
40 | * WARNING: Don't disable this variable. It must be set to correct value or |
41 | * to empty string. If variable is missing, backend can have security problems |
42 | * in some PHP configurations. |
ebf9211b |
43 | * @global string $vmail_inc_path |
44 | */ |
45 | global $vmail_inc_path; |
46 | $vmail_inc_path=''; |
47 | |
48 | /** |
49 | * address of vmailmgrd host. |
50 | * |
51 | * Leave it empty, if you want to use unix socket |
52 | * global is used by vmail.inc functions |
53 | * @global string $vm_tcphost |
54 | */ |
55 | global $vm_tcphost; |
56 | $vm_tcphost=''; |
57 | |
58 | /** |
59 | * port of vmailmgrd |
60 | * |
61 | * global is used by vmail.inc functions. |
62 | * @global integer $vm_tcphost_port |
63 | */ |
64 | global $vm_tcphost_port; |
65 | $vm_tcphost_port=322; |
66 | |
67 | /** |
68 | * Option that controls use of 8bit passwords |
69 | * Use of such passwords is not safe, because squirrelmail interface |
70 | * can be running in different charsets. |
71 | * @global boolean |
72 | */ |
73 | global $cpw_vmailmgrd_8bitpw; |
74 | $cpw_vmailmgrd_8bitpw=false; |
75 | |
76 | /* end of backend configuration */ |
77 | |
a391f3af |
78 | /** load configuration from config.php */ |
76063016 |
79 | if ( isset($cpw_vmailmgrd) && is_array($cpw_vmailmgrd) && !empty($cpw_vmailmgrd) ) { |
80 | if (isset($cpw_vmailmgrd['vmail_inc_path'])) |
81 | $vmail_inc_path=$cpw_vmailmgrd['vmail_inc_path']; |
82 | if (isset($cpw_vmailmgrd['vm_tcphost'])) |
83 | $vm_tcphost=$cpw_vmailmgrd['vm_tcphost']; |
84 | if (isset($cpw_vmailmgrd['vm_tcphost_port'])) |
85 | $vm_tcphost_port=$cpw_vmailmgrd['vm_tcphost_port']; |
86 | if (isset($cpw_vmailmgrd['8bitpw'])) |
87 | $cpw_vmailmgrd_8bitpw=$cpw_vmailmgrd['8bitpw']; |
a391f3af |
88 | } |
89 | |
ebf9211b |
90 | |
91 | /** |
d04cab42 |
92 | * Init change_password plugin hooks. |
ebf9211b |
93 | */ |
94 | global $squirrelmail_plugin_hooks; |
95 | $squirrelmail_plugin_hooks['change_password_dochange']['vmailmgrd'] = |
96 | 'cpw_vmailmgrd_dochange'; |
97 | $squirrelmail_plugin_hooks['change_password_init']['vmailmgrd'] = |
98 | 'cpw_vmailmgrd_init'; |
99 | |
100 | |
101 | /** |
102 | * Use this function to do any backend-specific initialisation, |
103 | * e.g. checking requirements, before the password change form |
104 | * is displayed to the user. |
105 | */ |
106 | function cpw_vmailmgrd_init(){ |
1b858d86 |
107 | global $vmail_inc_path, $username, $oTemplate; |
ebf9211b |
108 | |
ebf9211b |
109 | if ($vmail_inc_path=='' || ! file_exists($vmail_inc_path)) { |
110 | // $vmail_inc_path is not set or file does not exist |
1b858d86 |
111 | error_box(_("Incorrent path to vmail.inc file.")); |
ebf9211b |
112 | // close html and stop script execution |
1b858d86 |
113 | $oTemplate->display('footer.tpl'); |
ebf9211b |
114 | exit(); |
115 | } |
116 | |
117 | include_once($vmail_inc_path); |
118 | |
119 | if (! function_exists('vchpass')) { |
120 | // included vmail.inc does not have required functions. |
1b858d86 |
121 | error_box(_("Invalid or corrupted vmail.inc file.")); |
ebf9211b |
122 | // close html and stop script execution |
1b858d86 |
123 | $oTemplate->display('footer.tpl'); |
ebf9211b |
124 | exit(); |
125 | } |
126 | |
127 | if (! preg_match("/(.*)\@(.*)/", $username)) { |
128 | // username does not match vmailmgr syntax |
1b858d86 |
129 | error_box(_("Invalid user.")); |
ebf9211b |
130 | // close html and stop script execution |
1b858d86 |
131 | $oTemplate->display('footer.tpl'); |
ebf9211b |
132 | exit(); |
133 | } |
134 | } |
135 | |
136 | |
137 | /** |
138 | * function used to change password in change_password plugin hooks. |
139 | * |
06f1fc3a |
140 | * @param array $data The username/curpw/newpw data. |
ebf9211b |
141 | * @return array Array of error messages. |
142 | */ |
143 | function cpw_vmailmgrd_dochange($data) |
144 | { |
145 | global $cpw_vmailmgrd_8bitpw; |
146 | |
147 | /** |
148 | * getting params from hook function. |
149 | */ |
150 | $username = $data['username']; |
151 | $curpw = $data['curpw']; |
152 | $newpw = $data['newpw']; |
153 | |
154 | $msgs = array(); |
155 | |
156 | // check for new 8bit password |
157 | if (! $cpw_vmailmgrd_8bitpw && sq_is8bit($newpw)) { |
158 | // 8bit chars in password when backend is configured to block them |
159 | array_push($msgs,CPW_INVALID_PW); |
160 | return $msgs; |
161 | } |
162 | |
163 | // extract username and domain |
164 | if (preg_match("/(.*)\@(.*)/", $username, $parts)) { |
165 | $vm_user=$parts[1]; |
166 | $vm_domain=$parts[2]; |
167 | } |
168 | |
169 | // check if old password matches |
170 | $vmgrd_response1 = cpw_vmailmgrd_passwd($vm_user,$vm_domain,$curpw,$curpw); |
171 | if ($vmgrd_response1[0]!=0) { |
172 | array_push($msgs, CPW_CURRENT_NOMATCH); |
173 | return $msgs; |
174 | } |
175 | |
176 | // change password |
177 | $vmgrd_response2 = cpw_vmailmgrd_passwd($vm_user,$vm_domain,$curpw,$newpw); |
178 | if ($vmgrd_response2[0]!=0) { |
179 | // TODO: add vmail.inc error message parser. |
47a29972 |
180 | array_push($msgs, cpw_i18n_vmail_response($vmgrd_response2[1])); |
ebf9211b |
181 | } |
182 | |
183 | return $msgs; |
184 | } |
185 | |
186 | /** |
187 | * function that calls required vmail.inc functions and returns error codes. |
188 | * |
189 | * Information about vmailmgr return codes. |
190 | * vmailmgr functions return array with two keys. |
191 | * Array( |
192 | * [0] => error code, integer (0=no error) |
193 | * [1] => error message, string |
194 | * ) |
195 | * @return array |
196 | */ |
197 | function cpw_vmailmgrd_passwd($user,$domain,$oldpass,$newpass) { |
198 | global $vmail_inc_path; |
199 | |
200 | // variable should be checked by cpw_vmailmgrd_init function |
201 | include_once($vmail_inc_path); |
202 | |
203 | return vchpass($domain,$oldpass,$user,$newpass); |
204 | } |
47a29972 |
205 | |
206 | /** |
c683d87f |
207 | * Function is used to translate messages returned by vmailmgr |
47a29972 |
208 | * php library and vmailmgr daemon. |
209 | * @param string $string vmailmrgd message. |
210 | * @return string translated string. |
211 | */ |
212 | function cpw_i18n_vmail_response($string) { |
213 | if ($string=='Empty domain') { |
214 | // block one: vchpass responses |
215 | $ret = _("Empty domain"); |
216 | } elseif ($string=='Empty domain password') { |
217 | $ret = _("Empty domain password"); |
218 | } elseif ($string=='Empty username') { |
219 | $ret = _("Empty username"); |
220 | } elseif ($string=='Empty new password') { |
221 | $ret = _("Empty new password"); |
222 | /* |
223 | * block is disabled in order to reduce load on translators. |
224 | * these error messages should be very rare. |
225 | } elseif ($string=='Invalid or unknown base user or domain') { |
226 | // block two: vmailmgr daemon strings |
227 | $ret = _("Invalid or unknown base user or domain"); |
228 | } elseif ($string=='Invalid or unknown virtual user') { |
229 | $ret = _("Invalid or unknown virtual user"); |
230 | } elseif ($string=='Invalid or incorrect password') { |
231 | $ret = _("Invalid or incorrect password"); |
232 | } elseif ($string=='Unknown operation to stat') { |
233 | $ret = _("Unknown operation to stat"); |
234 | } elseif (preg_match("/^Incorrect number of parameters to command (.+)/",$string,$match)) { |
235 | $ret = sprintf(_("Incorrect number of parameters to command %s"),$match[1]); |
236 | } elseif (preg_match("/^Invalid or unknown domain name: (.+)/",$string,$match)) { |
237 | $ret = sprintf(_("Invalid or unknown domain name: %s"),$match[1]); |
238 | } elseif ($string=='Invalid operation') { |
239 | $ret = _("Invalid operation"); |
240 | } elseif (preg_match("/^Invalid or unknown base user name: (.+)/",$string,$match)) { |
241 | $ret = sprintf(_("Invalid or unknown base user name: %s"),$match[1]); |
242 | } elseif ($string=='Invalid or incorrect password') { |
243 | $ret = _("Invalid or incorrect password"); |
244 | } elseif ($string=='Base user has no virtual password table') { |
245 | $ret = _("Base user has no virtual password table"); |
246 | } elseif ($string=='Failed while writing initial OK response') { |
247 | $ret = _("Failed while writing initial OK response"); |
248 | } elseif ($string=='Failed while writing list entry') { |
249 | $ret = _("Failed while writing list entry"); |
250 | } elseif ($string=='Internal error -- userpass && !mustexist') { |
251 | $ret = _("Internal error -- userpass && !mustexist"); |
252 | } elseif ($string=='Invalid or unknown base user or domain') { |
253 | $ret = _("Invalid or unknown base user or domain"); |
254 | } elseif ($string=='Incorrect password') { |
255 | $ret = CPW_INVALID_PW; |
256 | } elseif ($string=='User name does not refer to a virtual user') { |
257 | $ret = _("User name does not refer to a virtual user"); |
258 | } elseif ($string=='Invalid or unknown virtual user') { |
259 | $ret = _("Invalid or unknown virtual user"); |
260 | } elseif ($string=='Virtual user already exists') { |
261 | $ret = _("Virtual user already exists"); |
262 | } elseif ($string=='Timed out waiting for remote') { |
263 | $ret = _("Timed out waiting for remote"); |
264 | } elseif ($string=='Connection to client lost') { |
265 | $ret = _("Connection to client lost"); |
266 | } elseif ($string=="Couldn't decode the command string") { |
267 | $ret = _("Couldn't decode the command string"); |
268 | } elseif ($string=='Empty command string') { |
269 | $ret = _("Empty command string"); |
270 | } elseif ($string=='Error decoding a command parameter') { |
271 | $ret = _("Error decoding a command parameter"); |
272 | } elseif ($string=='read system call failed or was interrupted') { |
273 | $ret = _("read system call failed or was interrupted"); |
274 | } elseif ($string=='Short read while reading protocol header') { |
275 | $ret = _("Short read while reading protocol header"); |
276 | } elseif ($string=='Invalid protocol from client') { |
277 | $ret = _("Invalid protocol from client"); |
278 | } elseif ($string=='Short read while reading message data') { |
279 | $ret = _("Short read while reading message data"); |
280 | } elseif ($string=='Error writing response') { |
281 | $ret = _("Error writing response"); |
282 | */ |
283 | } else { |
284 | // return unknown strings |
285 | $ret = $string; |
286 | } |
287 | return $ret; |
288 | } |