moving functions to separate file, adding configuration files
[squirrelmail.git] / plugins / change_password / backend / merak.php
1 <?php
2 /**
3 * Merakchange password backend
4 *
5 * @author Edwin van Elk <Edwin@eve-software.com>
6 * @version $Id$
7 * @package plugins
8 * @subpackage change_password
9 */
10
11 /**
12 * Config vars
13 */
14
15 global $merak_url, $merak_selfpage, $merak_action;
16
17 // The Merak Server
18
19 $merak_url = "http://localhost:32000/";
20 $merak_selfpage = "self.html";
21 $merak_action = "self_edit";
22
23 // NO NEED TO CHANGE ANYTHING BELOW THIS LINE
24
25 global $squirrelmail_plugin_hooks;
26 $squirrelmail_plugin_hooks['change_password_dochange']['merak'] =
27 'cpw_merak_dochange';
28
29 /**
30 * This is the function that is specific to your backend. It takes
31 * the current password (as supplied by the user) and the desired
32 * new password. It will return an array of messages. If everything
33 * was successful, the array will be empty. Else, it will contain
34 * the errormessage(s).
35 * Constants to be used for these messages:
36 * CPW_CURRENT_NOMATCH -> "Your current password is not correct."
37 * CPW_INVALID_PW -> "Your new password contains invalid characters."
38 *
39 * @param array data The username/currentpw/newpw data.
40 * @return array Array of error messages.
41 */
42 function cpw_merak_dochange($data)
43 {
44 // unfortunately, we can only pass one parameter to a hook function,
45 // so we have to pass it as an array.
46 $username = $data['username'];
47 $curpw = $data['curpw'];
48 $newpw = $data['newpw'];
49
50 $msgs = array();
51
52 global $merak_url, $merak_selfpage, $merak_action, $use_ssl_for_password_change, $debug;
53
54 if (!function_exists('curl_init')) {
55
56 // user_error('Curl module NOT available!', E_USER_ERROR);
57 array_push($msgs, _("Curl module NOT available! Unable to change password!"));
58 return $msgs;
59 }
60
61 $ch = curl_init();
62 curl_setopt ($ch, CURLOPT_URL, $merak_url . $merak_selfpage);
63 curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
64 curl_setopt ($ch, CURLOPT_TIMEOUT, 10);
65 curl_setopt ($ch, CURLOPT_USERPWD, "$username:$curpw");
66 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
67 $result = curl_exec ($ch);
68 curl_close ($ch);
69
70 if (strpos($result, "401 Access denied") <> 0) {
71 array_push($msgs, _("Cannot change password! (Is user 'Self Configurable User' ?) (401)"));
72 return $msgs;
73 }
74
75 // Get URL from: <FORM METHOD="POST" ACTION="success.html?id=a9375ee5e445775e871d5e1401a963aa">
76
77 $str = stristr($result, "<FORM");
78 $str = substr($str, 0, strpos($str, ">") + 1);
79 $str = stristr($str, "ACTION=");
80 $str = substr(stristr($str, "\""),1);
81 $str = substr($str, 0, strpos($str, "\""));
82
83 // Extra check to see if the result contains 'html'
84 if (!stristr($str, "html")) {
85 array_push($msgs, _("Cannot change password!") . " (1)" );
86 return $msgs;
87 }
88
89 $newurl = $merak_url . $str;
90
91 // Get useraddr from: $useraddr = <INPUT TYPE="HIDDEN" NAME="usraddr" VALUE="mail@hostname.com">
92
93 $str = stristr($result, "usraddr");
94 $str = substr($str, 0, strpos($str, ">") + 1);
95 $str = stristr($str, "VALUE=");
96 $str = substr(stristr($str, "\""),1);
97 $str = substr($str, 0, strpos($str, "\""));
98
99 // Extra check to see if the result contains '@'
100 if (!stristr($str, "@")) {
101 array_push($msgs, _("Cannot change password!") . " (2)" );
102 return $msgs;
103 }
104
105 $useraddr = $str;
106
107 //Include (almost) all input fields from screen
108
109 $contents2 = $result;
110
111 $tag = stristr($contents2, "<INPUT");
112
113 while ($tag) {
114 $contents2 = stristr($contents2, "<INPUT");
115 $tag = substr($contents2, 0, strpos($contents2, ">") + 1);
116
117 if (GetSub($tag, "TYPE") == "TEXT" ||
118 GetSub($tag, "TYPE") == "HIDDEN" ||
119 GetSub($tag, "TYPE") == "PASSWORD") {
120 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
121 }
122
123 if ((GetSub($tag, "TYPE") == "RADIO" ||
124 GetSub($tag, "TYPE") == "CHECKBOX") &&
125 IsChecked($tag)) {
126 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
127 }
128 $contents2 = substr($contents2, 1);
129 }
130
131 $tags["action"] = $merak_action;
132 $tags["usraddr"] = $useraddr;
133 $tags["usr_pass"] = $newpw;
134 $tags["usr_conf"] = $newpw;
135
136 $str2 = "";
137 foreach ($tags as $key => $value) {
138 $str2 .= $key . "=" . urlencode($value) . "&";
139 }
140
141 $str2 = trim($str2, "&");
142
143 // Change password!
144
145 $ch = curl_init();
146 curl_setopt ($ch, CURLOPT_URL, $newurl);
147 curl_setopt ($ch, CURLOPT_POST, 1);
148 curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
149 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
150 curl_setopt ($ch, CURLOPT_POSTFIELDS, $str2);
151 $result=curl_exec ($ch);
152 curl_close ($ch);
153
154 if (strpos($result, "Failure") <> 0) {
155 array_push($msgs, _("Cannot change password!") . " (3)");
156 return $msgs;
157 }
158
159 return $msgs;
160 }
161
162 function GetSub($tag, $type) {
163
164 $str = stristr($tag, $type . "=");
165 $str = substr($str, strlen($type) + 1);
166 $str = trim($str, '"');
167
168 if (!strpos($str, " ") === false) {
169 $str = substr($str, 0, strpos($str, " "));
170 $str = trim($str, '"');
171 }
172
173 if (!(strpos($str, '"') === false)) {
174 $str = substr($str, 0, strpos($str, '"'));
175 }
176
177 $str = trim($str, '>');
178
179 return $str;
180 }
181
182 function IsChecked($tag) {
183
184 if (!(strpos(strtolower($tag), 'checked') === false)) {
185 return true;
186 }
187
188 return false;
189 }