3 * Merakchange password backend
5 * @author Edwin van Elk <Edwin@eve-software.com>
8 * @subpackage change_password
15 global $merak_url, $merak_selfpage, $merak_action;
19 $merak_url = "http://localhost:32000/";
20 $merak_selfpage = "self.html";
21 $merak_action = "self_edit";
23 // get overrides from config.
24 if ( isset($cpw_merak) && is_array($cpw_merak) && !empty($cpw_merak) ) {
25 foreach ( $cpw_merak as $key => $value ) {
26 if ( isset($
{'merak_'.$key}) )
27 $
{'merak_'.$key} = $value;
31 global $squirrelmail_plugin_hooks;
32 $squirrelmail_plugin_hooks['change_password_dochange']['merak'] =
34 $squirrelmail_plugin_hooks['change_password_init']['merak'] =
38 * Check if php install has all required extensions.
40 function cpw_merak_init() {
44 * If SM_PATH isn't defined, define it. Required to include files.
47 if (!defined('SM_PATH')) {
48 define('SM_PATH','../../../');
51 // load error_box() function
52 include_once(SM_PATH
. 'functions/display_messages.php');
54 if (!function_exists('curl_init')) {
55 // user_error('Curl module NOT available!', E_USER_ERROR);
56 error_box(_("PHP Curl extension is NOT available! Unable to change password!"),$color);
57 // close html and stop script execution
58 echo "</body></html>\n";
64 * This is the function that is specific to your backend. It takes
65 * the current password (as supplied by the user) and the desired
66 * new password. It will return an array of messages. If everything
67 * was successful, the array will be empty. Else, it will contain
68 * the errormessage(s).
69 * Constants to be used for these messages:
70 * CPW_CURRENT_NOMATCH -> "Your current password is not correct."
71 * CPW_INVALID_PW -> "Your new password contains invalid characters."
73 * @param array data The username/currentpw/newpw data.
74 * @return array Array of error messages.
76 function cpw_merak_dochange($data)
78 // unfortunately, we can only pass one parameter to a hook function,
79 // so we have to pass it as an array.
80 $username = $data['username'];
81 $curpw = $data['curpw'];
82 $newpw = $data['newpw'];
86 global $merak_url, $merak_selfpage, $merak_action;
89 curl_setopt ($ch, CURLOPT_URL
, $merak_url . $merak_selfpage);
90 curl_setopt ($ch, CURLOPT_RETURNTRANSFER
, 1);
91 curl_setopt ($ch, CURLOPT_TIMEOUT
, 10);
92 curl_setopt ($ch, CURLOPT_USERPWD
, "$username:$curpw");
93 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION
, 1);
94 $result = curl_exec ($ch);
97 if (strpos($result, "401 Access denied") <> 0) {
98 array_push($msgs, _("Cannot change password! (Is user 'Self Configurable User' ?) (401)"));
102 // Get URL from: <FORM METHOD="POST" ACTION="success.html?id=a9375ee5e445775e871d5e1401a963aa">
104 $str = stristr($result, "<FORM");
105 $str = substr($str, 0, strpos($str, ">") +
1);
106 $str = stristr($str, "ACTION=");
107 $str = substr(stristr($str, "\""),1);
108 $str = substr($str, 0, strpos($str, "\""));
110 // Extra check to see if the result contains 'html'
111 if (!stristr($str, "html")) {
112 array_push($msgs, _("Cannot change password!") . " (1)" );
116 $newurl = $merak_url . $str;
118 // Get useraddr from: $useraddr = <INPUT TYPE="HIDDEN" NAME="usraddr" VALUE="mail@hostname.com">
120 $str = stristr($result, "usraddr");
121 $str = substr($str, 0, strpos($str, ">") +
1);
122 $str = stristr($str, "VALUE=");
123 $str = substr(stristr($str, "\""),1);
124 $str = substr($str, 0, strpos($str, "\""));
126 // Extra check to see if the result contains '@'
127 if (!stristr($str, "@")) {
128 array_push($msgs, _("Cannot change password!") . " (2)" );
134 //Include (almost) all input fields from screen
136 $contents2 = $result;
138 $tag = stristr($contents2, "<INPUT");
141 $contents2 = stristr($contents2, "<INPUT");
142 $tag = substr($contents2, 0, strpos($contents2, ">") +
1);
144 if (GetSub($tag, "TYPE") == "TEXT" ||
145 GetSub($tag, "TYPE") == "HIDDEN" ||
146 GetSub($tag, "TYPE") == "PASSWORD") {
147 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
150 if ((GetSub($tag, "TYPE") == "RADIO" ||
151 GetSub($tag, "TYPE") == "CHECKBOX") &&
153 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
155 $contents2 = substr($contents2, 1);
158 $tags["action"] = $merak_action;
159 $tags["usraddr"] = $useraddr;
160 $tags["usr_pass"] = $newpw;
161 $tags["usr_conf"] = $newpw;
164 foreach ($tags as $key => $value) {
165 $str2 .= $key . "=" . urlencode($value) . "&";
168 $str2 = trim($str2, "&");
173 curl_setopt ($ch, CURLOPT_URL
, $newurl);
174 curl_setopt ($ch, CURLOPT_POST
, 1);
175 curl_setopt ($ch, CURLOPT_RETURNTRANSFER
, 1);
176 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION
, 1);
177 curl_setopt ($ch, CURLOPT_POSTFIELDS
, $str2);
178 $result=curl_exec ($ch);
181 if (strpos($result, "Failure") <> 0) {
182 array_push($msgs, _("Cannot change password!") . " (3)");
189 function GetSub($tag, $type) {
191 $str = stristr($tag, $type . "=");
192 $str = substr($str, strlen($type) +
1);
193 $str = trim($str, '"');
195 if (!strpos($str, " ") === false) {
196 $str = substr($str, 0, strpos($str, " "));
197 $str = trim($str, '"');
200 if (!(strpos($str, '"') === false)) {
201 $str = substr($str, 0, strpos($str, '"'));
204 $str = trim($str, '>');
209 function IsChecked($tag) {
211 if (!(strpos(strtolower($tag), 'checked') === false)) {