c9f93f0c89cbb7077c6825264b131554ca411bf0
4 * Merakchange password backend
6 * @author Edwin van Elk <edwin at eve-software.com>
7 * @copyright 2004-2020 The SquirrelMail Project Team
8 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
11 * @subpackage change_password
18 global $merak_url, $merak_selfpage, $merak_action;
22 $merak_url = "http://localhost:32000/";
23 $merak_selfpage = "self.html";
24 $merak_action = "self_edit";
26 // get overrides from config.
27 if ( isset($cpw_merak) && is_array($cpw_merak) && !empty($cpw_merak) ) {
28 foreach ( $cpw_merak as $key => $value ) {
29 if ( isset($
{'merak_'.$key}) )
30 $
{'merak_'.$key} = $value;
34 global $squirrelmail_plugin_hooks;
35 $squirrelmail_plugin_hooks['change_password_dochange']['merak'] =
37 $squirrelmail_plugin_hooks['change_password_init']['merak'] =
41 * Check if php install has all required extensions.
43 function cpw_merak_init() {
46 if (!function_exists('curl_init')) {
47 // user_error('Curl module NOT available!', E_USER_ERROR);
48 error_box(_("PHP Curl extension is NOT available! Unable to change password!"));
49 // close html and stop script execution
50 $oTemplate->display('footer.tpl');
56 * This is the function that is specific to your backend. It takes
57 * the current password (as supplied by the user) and the desired
58 * new password. It will return an array of messages. If everything
59 * was successful, the array will be empty. Else, it will contain
60 * the errormessage(s).
61 * Constants to be used for these messages:
62 * CPW_CURRENT_NOMATCH -> "Your current password is not correct."
63 * CPW_INVALID_PW -> "Your new password contains invalid characters."
65 * @param array data The username/currentpw/newpw data.
66 * @return array Array of error messages.
68 function cpw_merak_dochange($data)
70 // unfortunately, we can only pass one parameter to a hook function,
71 // so we have to pass it as an array.
72 $username = $data['username'];
73 $curpw = $data['curpw'];
74 $newpw = $data['newpw'];
78 global $merak_url, $merak_selfpage, $merak_action;
81 curl_setopt ($ch, CURLOPT_URL
, $merak_url . $merak_selfpage);
82 curl_setopt ($ch, CURLOPT_RETURNTRANSFER
, 1);
83 curl_setopt ($ch, CURLOPT_TIMEOUT
, 10);
84 curl_setopt ($ch, CURLOPT_USERPWD
, "$username:$curpw");
85 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION
, 1);
86 $result = curl_exec ($ch);
89 if (strpos($result, "401 Access denied") <> 0) {
90 array_push($msgs, _("Cannot change password! (Is user 'Self Configurable User' ?) (401)"));
94 // Get URL from: <FORM METHOD="POST" ACTION="success.html?id=a9375ee5e445775e871d5e1401a963aa">
96 $str = stristr($result, "<FORM");
97 $str = substr($str, 0, strpos($str, ">") +
1);
98 $str = stristr($str, "ACTION=");
99 $str = substr(stristr($str, "\""),1);
100 $str = substr($str, 0, strpos($str, "\""));
102 // Extra check to see if the result contains 'html'
103 if (!stristr($str, "html")) {
104 array_push($msgs, _("Cannot change password!") . " (1)" );
108 $newurl = $merak_url . $str;
110 // Get useraddr from: $useraddr = <INPUT TYPE="HIDDEN" NAME="usraddr" VALUE="mail@hostname.com">
112 $str = stristr($result, "usraddr");
113 $str = substr($str, 0, strpos($str, ">") +
1);
114 $str = stristr($str, "VALUE=");
115 $str = substr(stristr($str, "\""),1);
116 $str = substr($str, 0, strpos($str, "\""));
118 // Extra check to see if the result contains '@'
119 if (!stristr($str, "@")) {
120 array_push($msgs, _("Cannot change password!") . " (2)" );
126 //Include (almost) all input fields from screen
128 $contents2 = $result;
130 $tag = stristr($contents2, "<INPUT");
133 $contents2 = stristr($contents2, "<INPUT");
134 $tag = substr($contents2, 0, strpos($contents2, ">") +
1);
136 if (GetSub($tag, "TYPE") == "TEXT" ||
137 GetSub($tag, "TYPE") == "HIDDEN" ||
138 GetSub($tag, "TYPE") == "PASSWORD") {
139 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
142 if ((GetSub($tag, "TYPE") == "RADIO" ||
143 GetSub($tag, "TYPE") == "CHECKBOX") &&
145 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
147 $contents2 = substr($contents2, 1);
150 $tags["action"] = $merak_action;
151 $tags["usraddr"] = $useraddr;
152 $tags["usr_pass"] = $newpw;
153 $tags["usr_conf"] = $newpw;
156 foreach ($tags as $key => $value) {
157 $str2 .= $key . "=" . urlencode($value) . "&";
160 $str2 = trim($str2, "&");
165 curl_setopt ($ch, CURLOPT_URL
, $newurl);
166 curl_setopt ($ch, CURLOPT_POST
, 1);
167 curl_setopt ($ch, CURLOPT_RETURNTRANSFER
, 1);
168 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION
, 1);
169 curl_setopt ($ch, CURLOPT_POSTFIELDS
, $str2);
170 $result=curl_exec ($ch);
173 if (strpos($result, "Failure") <> 0) {
174 array_push($msgs, _("Cannot change password!") . " (3)");
181 function GetSub($tag, $type) {
183 $str = stristr($tag, $type . "=");
184 $str = substr($str, strlen($type) +
1);
185 $str = trim($str, '"');
187 if (!strpos($str, " ") === false) {
188 $str = substr($str, 0, strpos($str, " "));
189 $str = trim($str, '"');
192 if (!(strpos($str, '"') === false)) {
193 $str = substr($str, 0, strpos($str, '"'));
196 $str = trim($str, '>');
201 function IsChecked($tag) {
203 if (!(strpos(strtolower($tag), 'checked') === false)) {