700b517cbad032e7ceb8fefc3cfbe3089a0cdb33
4 * functions.php - Change Password plugin
6 * @copyright 2003-2020 The SquirrelMail Project Team
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
10 * @subpackage change_password
14 * Will verify the input against a set of criteria:
15 * is every field supplied, does verify password match,
16 * does current password validate, ..
17 * These criteria are (for now) backend-independent.
19 * @return array Array with zero or more error messages.
21 function cpw_check_input()
23 global $cpw_pass_min_length, $cpw_pass_max_length;
26 sqgetGlobalVar('cpw_curpass', $currentpw, SQ_POST
);
27 sqgetGlobalVar('cpw_newpass', $newpw, SQ_POST
);
28 sqgetGlobalVar('cpw_verify', $verifypw, SQ_POST
);
29 // for decrypting current password
30 sqgetGlobalVar('key', $key, SQ_COOKIE
);
31 sqgetGlobalVar('onetimepad', $onetimepad,SQ_SESSION
);
36 $msg[] = _("You must type in a new password.");
39 $msg[] = _("You must also type in your new password in the verify box.");
40 } elseif ($verifypw != $newpw) {
41 $msg[] = _("Your new password does not match the verify password.");
44 $orig_pw = OneTimePadDecrypt($key, $onetimepad);
47 $msg[] = _("You must type in your current password.");
48 } elseif ($currentpw != $orig_pw) {
49 $msg[] = _("Your current password is not correct.");
52 if($newpw && (strlen($newpw) < $cpw_pass_min_length ||
53 strlen($newpw) > $cpw_pass_max_length ) ) {
54 $msg[] = sprintf(_("Your new password should be %s to %s characters long."),
55 $cpw_pass_min_length, $cpw_pass_max_length);
58 // do we need to do checks that are backend-specific and should
59 // be handled by a hook? I know of none now, bnd those checks can
60 // also be done in the backend dochange() function. If there turns
61 // out to be a need for it we can add a hook for that here.
67 define('CPW_CURRENT_NOMATCH', _("Your current password is not correct."));
68 define('CPW_INVALID_PW', _("Your new password contains invalid characters."));
71 * Does the actual password changing (meaning it calls the hook function
72 * from the backend that does this. If something goes wrong, return error
73 * message(s). If everything ok, change the password in the session so the
74 * user doesn't have to log out, and redirect back to the options screen.
76 function cpw_do_change()
79 sqgetGlobalVar('cpw_curpass', $curpw, SQ_POST
);
80 sqgetGlobalVar('cpw_newpass', $newpw, SQ_POST
);
81 sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION
);
82 sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION
);
83 sqgetGlobalVar('key', $key, SQ_COOKIE
);
84 sqgetGlobalVar('username', $username, SQ_SESSION
);
86 require_once(SM_PATH
. 'plugins/change_password/backend/'.$cpw_backend.'.php');
88 $msgs = do_hook('change_password_dochange',
90 'username' => &$username,
95 /* something bad happened, return */
96 if(count($msgs) > 0) {
100 /* update our password stored in the session */
101 $onetimepad = OneTimePadCreate(strlen($newpw));
102 sqsession_register($onetimepad,'onetimepad');
103 $key = OneTimePadEncrypt($newpw, $onetimepad);
104 sqsetcookie('key', $key, 0, $base_uri);
106 /* make sure we write the session data before we redirect */
107 session_write_close();
108 header('Location: '.SM_PATH
. 'src/options.php?optmode=submit&optpage=change_password&plugin_change_password=1&smtoken=' . sm_generate_security_token());