[squirrelmail.git] / plugins / change_password / functions.php

<?php

/**
 * functions.php - Change Password plugin
 *
 * Copyright (c) 2003-2004 The SquirrelMail Project Team
 * Licensed under the GNU GPL. For full terms see the file COPYING.
 *
 * @version $Id$
 * @package plugins
 * @subpackage change_password
 */

/**
 * Will verify the input against a set of criteria:
 * is every field supplied, does verify password match,
 * does current password validate, ..
 * These criteria are (for now) backend-independant.
 *
 * @return array Array with zero or more error messages.
 */
function cpw_check_input()
{
    global $cpw_pass_min_length, $cpw_pass_max_length;

    // formdata
    sqgetGlobalVar('cpw_curpass', $currentpw, SQ_POST);
    sqgetGlobalVar('cpw_newpass', $newpw,     SQ_POST);
    sqgetGlobalVar('cpw_verify',  $verifypw,  SQ_POST);
    // for decrypting current password
    sqgetGlobalVar('key',         $key,       SQ_COOKIE);
    sqgetGlobalVar('onetimepad',  $onetimepad,SQ_SESSION);

    $msg = array();

    if(!$currentpw) {
        $msg[] = _("You must type in your current password.");
    } elseif($currentpw != OneTimePadDecrypt($key, $onetimepad)) {
        $msg[] = _("Your current password is not correct.");
    }
    if(!$newpw) {
        $msg[] = _("You must type in a new password.");
    }
    if(!$verifypw) {
        $msg[] = _("You must also type in your new password in the verify box.");
    } elseif ($verifypw != $newpw) {
        $msg[] = _("Your new password does not match the verify password.");
    }
    if($newpw && (strlen($newpw) < $cpw_pass_min_length ||
                  strlen($newpw) > $cpw_pass_max_length ) ) {
        $msg[] = sprintf(_("Your new password should be %s to %s characters long."),
                 $cpw_pass_min_length, $cpw_pass_max_length);
    }

    // do we need to do checks that are backend-specific and should
    // be handled by a hook? I know of none now, bnd those checks can
    // also be done in the backend dochange() function. If there turns
    // out to be a need for it we can add a hook for that here.

    return $msg;
}


define('CPW_CURRENT_NOMATCH', _("Your current password is not correct."));
define('CPW_INVALID_PW', _("Your new password contains invalid characters."));

/**
 * Does the actual password changing (meaning it calls the hook function
 * from the backend that does this. If something goes wrong, return error
 * message(s). If everything ok, change the password in the session so the
 * user doesn't have to log out, and redirect back to the options screen.
 */
function cpw_do_change()
{
    global $cpw_backend;
    sqgetGlobalVar('cpw_curpass', $curpw,      SQ_POST);
    sqgetGlobalVar('cpw_newpass', $newpw,      SQ_POST);
    sqgetGlobalVar('base_uri',    $base_uri,   SQ_SESSION);
    sqgetGlobalVar('onetimepad',  $onetimepad, SQ_SESSION);
    sqgetGlobalVar('key',         $key,        SQ_COOKIE);
    sqgetGlobalVar('username',    $username,   SQ_SESSION);

    require_once(SM_PATH . 'plugins/change_password/backend/'.$cpw_backend.'.php');

    $msgs = do_hook_function('change_password_dochange',
        array (
            'username' => $username,
	    'curpw' => $curpw,
	    'newpw' => $newpw
	) );

    /* something bad happened, return */
    if(count($msgs) > 0) {
        return $msgs;
    }

    /* update our password stored in the session */
    $onetimepad = OneTimePadCreate(strlen($newpw));
    $_SESSION['onetimepad'] = $onetimepad;
    $key = OneTimePadEncrypt($newpw, $onetimepad);
    setcookie('key', $key, 0, $base_uri);

    /* make sure we write the session data before we redirect */
    session_write_close();
    header('Location: '.SM_PATH. 'src/options.php?optmode=submit&plugin_change_password=1');
    exit;
}
Commit	Line	Data
27663afe	1	<?php
27663afe	2
087508d9	3	/**
	4	* functions.php - Change Password plugin
	5	*
	6	* Copyright (c) 2003-2004 The SquirrelMail Project Team
	7	* Licensed under the GNU GPL. For full terms see the file COPYING.
	8	*
882acf90	9	* @version $Id$
087508d9	10	* @package plugins
	11	* @subpackage change_password
	12	*/
	13
27663afe	14	/**
	15	* Will verify the input against a set of criteria:
	16	* is every field supplied, does verify password match,
	17	* does current password validate, ..
087508d9	18	* These criteria are (for now) backend-independant.
087508d9	19	*
27663afe	20	* @return array Array with zero or more error messages.
	21	*/
	22	function cpw_check_input()
	23	{
	24	global $cpw_pass_min_length, $cpw_pass_max_length;
	25
	26	// formdata
	27	sqgetGlobalVar('cpw_curpass', $currentpw, SQ_POST);
	28	sqgetGlobalVar('cpw_newpass', $newpw, SQ_POST);
	29	sqgetGlobalVar('cpw_verify', $verifypw, SQ_POST);
	30	// for decrypting current password
	31	sqgetGlobalVar('key', $key, SQ_COOKIE);
	32	sqgetGlobalVar('onetimepad', $onetimepad,SQ_SESSION);
	33
	34	$msg = array();
	35
	36	if(!$currentpw) {
	37	$msg[] = _("You must type in your current password.");
	38	} elseif($currentpw != OneTimePadDecrypt($key, $onetimepad)) {
	39	$msg[] = _("Your current password is not correct.");
	40	}
	41	if(!$newpw) {
	42	$msg[] = _("You must type in a new password.");
	43	}
	44	if(!$verifypw) {
	45	$msg[] = _("You must also type in your new password in the verify box.");
	46	} elseif ($verifypw != $newpw) {
	47	$msg[] = _("Your new password does not match the verify password.");
	48	}
	49	if($newpw && (strlen($newpw) < $cpw_pass_min_length \|\|
	50	strlen($newpw) > $cpw_pass_max_length ) ) {
	51	$msg[] = sprintf(_("Your new password should be %s to %s characters long."),
	52	$cpw_pass_min_length, $cpw_pass_max_length);
	53	}
	54
	55	// do we need to do checks that are backend-specific and should
087508d9	56	// be handled by a hook? I know of none now, bnd those checks can
	57	// also be done in the backend dochange() function. If there turns
	58	// out to be a need for it we can add a hook for that here.
27663afe	59
	60	return $msg;
	61	}
	62
	63
	64	define('CPW_CURRENT_NOMATCH', _("Your current password is not correct."));
	65	define('CPW_INVALID_PW', _("Your new password contains invalid characters."));
	66
	67	/**
	68	* Does the actual password changing (meaning it calls the hook function
	69	* from the backend that does this. If something goes wrong, return error
	70	* message(s). If everything ok, change the password in the session so the
	71	* user doesn't have to log out, and redirect back to the options screen.
	72	*/
	73	function cpw_do_change()
	74	{
	75	global $cpw_backend;
087508d9	76	sqgetGlobalVar('cpw_curpass', $curpw, SQ_POST);
087508d9	77	sqgetGlobalVar('cpw_newpass', $newpw, SQ_POST);
27663afe	78	sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION);
	79	sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
	80	sqgetGlobalVar('key', $key, SQ_COOKIE);
	81	sqgetGlobalVar('username', $username, SQ_SESSION);
	82
	83	require_once(SM_PATH . 'plugins/change_password/backend/'.$cpw_backend.'.php');
	84
	85	$msgs = do_hook_function('change_password_dochange',
	86	array (
	87	'username' => $username,
	88	'curpw' => $curpw,
	89	'newpw' => $newpw
	90	) );
	91
	92	/* something bad happened, return */
	93	if(count($msgs) > 0) {
	94	return $msgs;
	95	}
	96
	97	/* update our password stored in the session */
	98	$onetimepad = OneTimePadCreate(strlen($newpw));
	99	$_SESSION['onetimepad'] = $onetimepad;
	100	$key = OneTimePadEncrypt($newpw, $onetimepad);
	101	setcookie('key', $key, 0, $base_uri);
	102
	103	/* make sure we write the session data before we redirect */
	104	session_write_close();
5c34b0bb	105	header('Location: '.SM_PATH. 'src/options.php?optmode=submit&plugin_change_password=1');
27663afe	106	exit;
27663afe	107	}