[squirrelmail.git] / plugins / change_password / functions.php
27663afe 1<?php
2
087508d9 3/**
4 * functions.php - Change Password plugin
5 *
77a1e3d1 6 * @copyright 2003-2022 The SquirrelMail Project Team
4b4abf93 7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
882acf90 8 * @version $Id$
087508d9 9 * @package plugins
10 * @subpackage change_password
11 */
12
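/**
 * Validates the submitted change-password form.
 *
 * Checks that every field was supplied, that the new password matches the
 * verify field, that the supplied current password equals the password
 * recovered from the session (one-time pad + 'key' cookie), and that the new
 * password length lies within the configured bounds.
 * These criteria are (for now) backend-independent.
 *
 * Passwords are compared with strict operators: PHP's loose != treats
 * numeric-looking strings (for example "1e3" and "1000") as equal, which
 * would let a mismatching verify field or a wrong current password through.
 *
 * @return array Array with zero or more error messages.
 */
function cpw_check_input()
{
    global $cpw_pass_min_length, $cpw_pass_max_length;

    // formdata
    sqgetGlobalVar('cpw_curpass', $currentpw, SQ_POST);
    sqgetGlobalVar('cpw_newpass', $newpw, SQ_POST);
    sqgetGlobalVar('cpw_verify', $verifypw, SQ_POST);
    // for decrypting current password
    sqgetGlobalVar('key', $key, SQ_COOKIE);
    sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);

    // Request fields can arrive as arrays (name[]=...) or be absent; treat
    // anything that is not a string as "not supplied" so that the checks
    // below only ever see strings (strlen() on an array fails on PHP 8).
    if (!is_string($currentpw)) {
        $currentpw = '';
    }
    if (!is_string($newpw)) {
        $newpw = '';
    }
    if (!is_string($verifypw)) {
        $verifypw = '';
    }

    $msg = array();

    if (!$newpw) {
        $msg[] = _("You must type in a new password.");
    }
    if (!$verifypw) {
        $msg[] = _("You must also type in your new password in the verify box.");
    } elseif ($verifypw !== $newpw) {
        $msg[] = _("Your new password does not match the verify password.");
    }

    // Password the user logged in with, as stored in the session.
    $orig_pw = OneTimePadDecrypt($key, $onetimepad);

    if (!$currentpw) {
        $msg[] = _("You must type in your current password.");
    } elseif ($currentpw !== $orig_pw) {
        // Strict comparison also fails closed if decryption did not yield a string.
        $msg[] = _("Your current password is not correct.");
    }

    if ($newpw && (strlen($newpw) < $cpw_pass_min_length ||
                   strlen($newpw) > $cpw_pass_max_length)) {
        $msg[] = sprintf(_("Your new password should be %s to %s characters long."),
                         $cpw_pass_min_length, $cpw_pass_max_length);
    }

    // do we need to do checks that are backend-specific and should
    // be handled by a hook? I know of none now, and those checks can
    // also be done in the backend dochange() function. If there turns
    // out to be a need for it we can add a hook for that here.

    return $msg;
}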
65
66
/*
 * Error-message constants. Each text goes through _() once, at the moment
 * this file is included, so the constant holds whatever translation was
 * active at that point.
 * NOTE(review): nothing in this file reads these constants; presumably the
 * backend files use them - confirm.
 */
define('CPW_INVALID_PW', _("Your new password contains invalid characters."));
define('CPW_CURRENT_NOMATCH', _("Your current password is not correct."));
69
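/**
 * Does the actual password changing (meaning it calls the hook function
 * from the backend that does this). If something goes wrong, return error
 * message(s). If everything is ok, change the password in the session so the
 * user doesn't have to log out, and redirect back to the options screen.
 *
 * NOTE(review): this function re-reads the passwords from the POST data and
 * does not validate them itself; presumably the caller has already run
 * cpw_check_input() and got no errors - confirm against the caller.
 *
 * @return array Error messages on failure. On success the function does not
 *               return: it sends a redirect header and exits.
 */
function cpw_do_change()
{
    global $cpw_backend;

    // The backend name is concatenated into an include path below. Accept
    // only a plain file-name token so that a mis-set or injected value can
    // never point outside plugins/change_password/backend/.
    if (!is_string($cpw_backend) || !preg_match('/^[A-Za-z0-9_-]+$/D', $cpw_backend)) {
        return array(_("The configured password backend name is not valid."));
    }

    sqgetGlobalVar('cpw_curpass', $curpw, SQ_POST);
    sqgetGlobalVar('cpw_newpass', $newpw, SQ_POST);
    sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION);
    sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
    sqgetGlobalVar('key', $key, SQ_COOKIE);
    sqgetGlobalVar('username', $username, SQ_SESSION);

    require_once(SM_PATH . 'plugins/change_password/backend/' . $cpw_backend . '.php');

    // The backend receives references to the username and both passwords.
    $msgs = do_hook('change_password_dochange',
        $temp=array (
            'username' => &$username,
            'curpw' => &$curpw,
            'newpw' => &$newpw
        ) );

    /* something bad happened, return */
    // NOTE(review): assumes do_hook() returns an array of messages; a
    // non-countable return value makes count() warn on PHP 7.2+ and throw on
    // PHP 8 - confirm what do_hook() yields when no backend handled the hook.
    if (count($msgs) > 0) {
        return $msgs;
    }

    /* update our password stored in the session */
    // A fresh pad of the new password's length replaces the session pad; the
    // encrypted password goes back into the 'key' cookie.
    $onetimepad = OneTimePadCreate(strlen($newpw));
    sqsession_register($onetimepad, 'onetimepad');
    $key = OneTimePadEncrypt($newpw, $onetimepad);
    sqsetcookie('key', $key, 0, $base_uri);

    /* make sure we write the session data before we redirect */
    session_write_close();
    // NOTE(review): the security token travels in the query string of the
    // redirect URL, where it can end up in logs and browser history.
    header('Location: '.SM_PATH. 'src/options.php?optmode=submit&optpage=change_password&plugin_change_password=1&smtoken=' . sm_generate_security_token());
    exit;
}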
aaa01018 111