projects
/
squirrelmail.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Retire Marc. We should probably retire some others who haven't contributed in the...
[squirrelmail.git]
/
plugins
/
change_password
/
options.php
diff --git
a/plugins/change_password/options.php
b/plugins/change_password/options.php
index a62fd3634b2f20fa5d18588be04760142269bea3..feca9422328bc26f8a79726846d61e30066493c3 100644
(file)
--- a/
plugins/change_password/options.php
+++ b/
plugins/change_password/options.php
@@
-3,18
+3,18
@@
/**
* options.php - Change Password HTML page
*
/**
* options.php - Change Password HTML page
*
- * Copyright (c) 2004-2005 The SquirrelMail Project Team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
+ * @copyright 2004-2010 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package plugins
* @subpackage change_password
*/
* @version $Id$
* @package plugins
* @subpackage change_password
*/
-/** @ignore */
-define('SM_PATH','../../');
+/**
+ * Include the SquirrelMail initialization file.
+ */
+require('../../include/init.php');
-include_once (SM_PATH . 'include/validate.php');
include_once (SM_PATH . 'plugins/change_password/functions.php');
include_once (SM_PATH . 'functions/forms.php');
include_once (SM_PATH . 'plugins/change_password/functions.php');
include_once (SM_PATH . 'functions/forms.php');
@@
-30,7
+30,7
@@
if (file_exists(SM_PATH . 'plugins/change_password/config_default.php')) {
}
/**
}
/**
- * prevent possible corruption of configuration overrides in
+ * prevent possible corruption of configuration overrides in
* register_globals=on and preloaded php scripts.
*/
$cpw_ldap=array();
* register_globals=on and preloaded php scripts.
*/
$cpw_ldap=array();
@@
-54,11
+54,9
@@
if (file_exists(SM_PATH . 'plugins/change_password/backend/'.$cpw_backend.'.php'
/* the form was submitted, go for it */
if(sqgetGlobalVar('cpw_go', $cpw_go, SQ_POST)) {
/* the form was submitted, go for it */
if(sqgetGlobalVar('cpw_go', $cpw_go, SQ_POST)) {
- // SM14 code: use change_password gettext domain binding for 1.4.x
- if (! check_sm_version(1,5,0)) {
- bindtextdomain('change_password',SM_PATH . 'locale');
- textdomain('change_password');
- }
+ // security check
+ sqgetGlobalVar('smtoken', $submitted_token, SQ_POST, '');
+ sm_validate_security_token($submitted_token, 3600, TRUE);
/* perform basic checks */
$Messages = cpw_check_input();
/* perform basic checks */
$Messages = cpw_check_input();
@@
-67,29
+65,17
@@
if(sqgetGlobalVar('cpw_go', $cpw_go, SQ_POST)) {
if(count($Messages) == 0) {
$Messages = cpw_do_change();
}
if(count($Messages) == 0) {
$Messages = cpw_do_change();
}
-
- // SM14 code: use change_password gettext domain binding for 1.4.x
- if (! check_sm_version(1,5,0)) {
- bindtextdomain('squirrelmail',SM_PATH . 'locale');
- textdomain('squirrelmail');
- }
}
}
-displayPageHeader($color, 'None');
-
-// SM14 code: use change_password gettext domain binding for 1.4.x
-if (! check_sm_version(1,5,0)) {
- bindtextdomain('change_password',SM_PATH . 'locale');
- textdomain('change_password');
-}
+displayPageHeader($color);
-do_hook('change_password_init');
+do_hook('change_password_init'
, $null
);
?>
<br />
<table align="center" cellpadding="2" cellspacing="2" border="0">
<tr><td bgcolor="<?php echo $color[0] ?>">
?>
<br />
<table align="center" cellpadding="2" cellspacing="2" border="0">
<tr><td bgcolor="<?php echo $color[0] ?>">
- <
center><b><?php echo _("Change Password") ?></b></center
>
+ <
div style="text-align: center;"><b><?php echo _("Change Password") ?></b></div
>
</td><?php
if (isset($Messages) && count($Messages) > 0) {
</td><?php
if (isset($Messages) && count($Messages) > 0) {
@@
-102,6
+88,7
@@
if (isset($Messages) && count($Messages) > 0) {
?><tr><td>
<?php echo addForm($_SERVER['PHP_SELF'], 'post'); ?>
?><tr><td>
<?php echo addForm($_SERVER['PHP_SELF'], 'post'); ?>
+ <input type="hidden" name="smtoken" value="<?php echo sm_generate_security_token() ?>" />
<table>
<tr>
<th align="right"><?php echo _("Current Password:")?></th>
<table>
<tr>
<th align="right"><?php echo _("Current Password:")?></th>
@@
-122,5
+109,5
@@
if (isset($Messages) && count($Messages) > 0) {
</table>
</form>
</td></tr>
</table>
</form>
</td></tr>
-</tr></table>
-</body></html>
\ No newline at end of file
+</table>
+</body></html>