fixing phpdoc warnings re:SM_PATH. Moving Id tags to @version
[squirrelmail.git] / plugins / change_password / backend / merak.php
CommitLineData
087508d9 1<?php
2/* Merakchange password backend
3 * Author: Edwin van Elk <Edwin@eve-software.com>
4 */
5
6/**
7 * Config vars
8 */
9
10global $merak_url, $merak_selfpage, $merak_action;
11
12// The Merak Server
13
14$merak_url = "http://localhost:32000/";
15$merak_selfpage = "self.html";
16$merak_action = "self_edit";
17
18// NO NEED TO CHANGE ANYTHING BELOW THIS LINE
19
20global $squirrelmail_plugin_hooks;
21$squirrelmail_plugin_hooks['change_password_dochange']['merak'] =
22 'cpw_merak_dochange';
23
24/**
25 * This is the function that is specific to your backend. It takes
26 * the current password (as supplied by the user) and the desired
27 * new password. It will return an array of messages. If everything
28 * was successful, the array will be empty. Else, it will contain
29 * the errormessage(s).
30 * Constants to be used for these messages:
31 * CPW_CURRENT_NOMATCH -> "Your current password is not correct."
32 * CPW_INVALID_PW -> "Your new password contains invalid characters."
33 *
34 * @param array data The username/currentpw/newpw data.
35 * @return array Array of error messages.
36 */
37function cpw_merak_dochange($data)
38{
39 // unfortunately, we can only pass one parameter to a hook function,
40 // so we have to pass it as an array.
41 $username = $data['username'];
42 $curpw = $data['curpw'];
43 $newpw = $data['newpw'];
44
45 $msgs = array();
46
47 global $merak_url, $merak_selfpage, $merak_action, $use_ssl_for_password_change, $debug;
48
49 if (!function_exists('curl_init')) {
50
51 // user_error('Curl module NOT available!', E_USER_ERROR);
52 array_push($msgs, _("Curl module NOT available! Unable to change password!"));
53 return $msgs;
54 }
55
56 $ch = curl_init();
57 curl_setopt ($ch, CURLOPT_URL, $merak_url . $merak_selfpage);
58 curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
59 curl_setopt ($ch, CURLOPT_TIMEOUT, 10);
60 curl_setopt ($ch, CURLOPT_USERPWD, "$username:$curpw");
61 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
62 $result = curl_exec ($ch);
63 curl_close ($ch);
64
65 if (strpos($result, "401 Access denied") <> 0) {
66 array_push($msgs, _("Cannot change password! (Is user 'Self Configurable User' ?) (401)"));
67 return $msgs;
68 }
69
70 // Get URL from: <FORM METHOD="POST" ACTION="success.html?id=a9375ee5e445775e871d5e1401a963aa">
71
72 $str = stristr($result, "<FORM");
73 $str = substr($str, 0, strpos($str, ">") + 1);
74 $str = stristr($str, "ACTION=");
75 $str = substr(stristr($str, "\""),1);
76 $str = substr($str, 0, strpos($str, "\""));
77
78 // Extra check to see if the result contains 'html'
79 if (!stristr($str, "html")) {
80 array_push($msgs, _("Cannot change password!") . " (1)" );
81 return $msgs;
82 }
83
84 $newurl = $merak_url . $str;
85
86 // Get useraddr from: $useraddr = <INPUT TYPE="HIDDEN" NAME="usraddr" VALUE="mail@hostname.com">
87
88 $str = stristr($result, "usraddr");
89 $str = substr($str, 0, strpos($str, ">") + 1);
90 $str = stristr($str, "VALUE=");
91 $str = substr(stristr($str, "\""),1);
92 $str = substr($str, 0, strpos($str, "\""));
93
94 // Extra check to see if the result contains '@'
95 if (!stristr($str, "@")) {
96 array_push($msgs, _("Cannot change password!") . " (2)" );
97 return $msgs;
98 }
99
100 $useraddr = $str;
101
102 //Include (almost) all input fields from screen
103
104 $contents2 = $result;
105
106 $tag = stristr($contents2, "<INPUT");
107
108 while ($tag) {
109 $contents2 = stristr($contents2, "<INPUT");
110 $tag = substr($contents2, 0, strpos($contents2, ">") + 1);
111
112 if (GetSub($tag, "TYPE") == "TEXT" ||
113 GetSub($tag, "TYPE") == "HIDDEN" ||
114 GetSub($tag, "TYPE") == "PASSWORD") {
115 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
116 }
117
118 if ((GetSub($tag, "TYPE") == "RADIO" ||
119 GetSub($tag, "TYPE") == "CHECKBOX") &&
120 IsChecked($tag)) {
121 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
122 }
123 $contents2 = substr($contents2, 1);
124 }
125
126 $tags["action"] = $merak_action;
127 $tags["usraddr"] = $useraddr;
128 $tags["usr_pass"] = $newpw;
129 $tags["usr_conf"] = $newpw;
130
131 $str2 = "";
132 foreach ($tags as $key => $value) {
133 $str2 .= $key . "=" . urlencode($value) . "&";
134 }
135
136 $str2 = trim($str2, "&");
137
138 // Change password!
139
140 $ch = curl_init();
141 curl_setopt ($ch, CURLOPT_URL, $newurl);
142 curl_setopt ($ch, CURLOPT_POST, 1);
143 curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
144 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
145 curl_setopt ($ch, CURLOPT_POSTFIELDS, $str2);
146 $result=curl_exec ($ch);
147 curl_close ($ch);
148
149 if (strpos($result, "Failure") <> 0) {
150 array_push($msgs, _("Cannot change password!") . " (3)");
151 return $msgs;
152 }
153
154 return $msgs;
155}
156
157function GetSub($tag, $type) {
158
159 $str = stristr($tag, $type . "=");
160 $str = substr($str, strlen($type) + 1);
161 $str = trim($str, '"');
162
163 if (!strpos($str, " ") === false) {
164 $str = substr($str, 0, strpos($str, " "));
165 $str = trim($str, '"');
166 }
167
168 if (!(strpos($str, '"') === false)) {
169 $str = substr($str, 0, strpos($str, '"'));
170 }
171
172 $str = trim($str, '>');
173
174 return $str;
175}
176
177function IsChecked($tag) {
178
179 if (!(strpos(strtolower($tag), 'checked') === false)) {
180 return true;
181 }
182
183 return false;
184}