a7132919fc6032d5997d3ac569c22d6f83fdab79
4 * Merakchange password backend
6 * @author Edwin van Elk <edwin at eve-software.com>
7 * @copyright © 2004-2006 The SquirrelMail Project Team
8 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
11 * @subpackage change_password
18 global $merak_url, $merak_selfpage, $merak_action;
22 $merak_url = "http://localhost:32000/";
23 $merak_selfpage = "self.html";
24 $merak_action = "self_edit";
26 // get overrides from config.
27 if ( isset($cpw_merak) && is_array($cpw_merak) && !empty($cpw_merak) ) {
28 foreach ( $cpw_merak as $key => $value ) {
29 if ( isset($
{'merak_'.$key}) )
30 $
{'merak_'.$key} = $value;
34 global $squirrelmail_plugin_hooks;
35 $squirrelmail_plugin_hooks['change_password_dochange']['merak'] =
37 $squirrelmail_plugin_hooks['change_password_init']['merak'] =
41 * Check if php install has all required extensions.
43 function cpw_merak_init() {
47 * If SM_PATH isn't defined, define it. Required to include files.
50 if (!defined('SM_PATH')) {
51 define('SM_PATH','../../../');
54 // load error_box() function
55 include_once(SM_PATH
. 'functions/display_messages.php');
57 if (!function_exists('curl_init')) {
58 // user_error('Curl module NOT available!', E_USER_ERROR);
59 error_box(_("PHP Curl extension is NOT available! Unable to change password!"),$color);
60 // close html and stop script execution
61 echo "</body></html>\n";
67 * This is the function that is specific to your backend. It takes
68 * the current password (as supplied by the user) and the desired
69 * new password. It will return an array of messages. If everything
70 * was successful, the array will be empty. Else, it will contain
71 * the errormessage(s).
72 * Constants to be used for these messages:
73 * CPW_CURRENT_NOMATCH -> "Your current password is not correct."
74 * CPW_INVALID_PW -> "Your new password contains invalid characters."
76 * @param array data The username/currentpw/newpw data.
77 * @return array Array of error messages.
79 function cpw_merak_dochange($data)
81 // unfortunately, we can only pass one parameter to a hook function,
82 // so we have to pass it as an array.
83 $username = $data['username'];
84 $curpw = $data['curpw'];
85 $newpw = $data['newpw'];
89 global $merak_url, $merak_selfpage, $merak_action;
92 curl_setopt ($ch, CURLOPT_URL
, $merak_url . $merak_selfpage);
93 curl_setopt ($ch, CURLOPT_RETURNTRANSFER
, 1);
94 curl_setopt ($ch, CURLOPT_TIMEOUT
, 10);
95 curl_setopt ($ch, CURLOPT_USERPWD
, "$username:$curpw");
96 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION
, 1);
97 $result = curl_exec ($ch);
100 if (strpos($result, "401 Access denied") <> 0) {
101 array_push($msgs, _("Cannot change password! (Is user 'Self Configurable User' ?) (401)"));
105 // Get URL from: <FORM METHOD="POST" ACTION="success.html?id=a9375ee5e445775e871d5e1401a963aa">
107 $str = stristr($result, "<FORM");
108 $str = substr($str, 0, strpos($str, ">") +
1);
109 $str = stristr($str, "ACTION=");
110 $str = substr(stristr($str, "\""),1);
111 $str = substr($str, 0, strpos($str, "\""));
113 // Extra check to see if the result contains 'html'
114 if (!stristr($str, "html")) {
115 array_push($msgs, _("Cannot change password!") . " (1)" );
119 $newurl = $merak_url . $str;
121 // Get useraddr from: $useraddr = <INPUT TYPE="HIDDEN" NAME="usraddr" VALUE="mail@hostname.com">
123 $str = stristr($result, "usraddr");
124 $str = substr($str, 0, strpos($str, ">") +
1);
125 $str = stristr($str, "VALUE=");
126 $str = substr(stristr($str, "\""),1);
127 $str = substr($str, 0, strpos($str, "\""));
129 // Extra check to see if the result contains '@'
130 if (!stristr($str, "@")) {
131 array_push($msgs, _("Cannot change password!") . " (2)" );
137 //Include (almost) all input fields from screen
139 $contents2 = $result;
141 $tag = stristr($contents2, "<INPUT");
144 $contents2 = stristr($contents2, "<INPUT");
145 $tag = substr($contents2, 0, strpos($contents2, ">") +
1);
147 if (GetSub($tag, "TYPE") == "TEXT" ||
148 GetSub($tag, "TYPE") == "HIDDEN" ||
149 GetSub($tag, "TYPE") == "PASSWORD") {
150 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
153 if ((GetSub($tag, "TYPE") == "RADIO" ||
154 GetSub($tag, "TYPE") == "CHECKBOX") &&
156 $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
158 $contents2 = substr($contents2, 1);
161 $tags["action"] = $merak_action;
162 $tags["usraddr"] = $useraddr;
163 $tags["usr_pass"] = $newpw;
164 $tags["usr_conf"] = $newpw;
167 foreach ($tags as $key => $value) {
168 $str2 .= $key . "=" . urlencode($value) . "&";
171 $str2 = trim($str2, "&");
176 curl_setopt ($ch, CURLOPT_URL
, $newurl);
177 curl_setopt ($ch, CURLOPT_POST
, 1);
178 curl_setopt ($ch, CURLOPT_RETURNTRANSFER
, 1);
179 curl_setopt ($ch, CURLOPT_FOLLOWLOCATION
, 1);
180 curl_setopt ($ch, CURLOPT_POSTFIELDS
, $str2);
181 $result=curl_exec ($ch);
184 if (strpos($result, "Failure") <> 0) {
185 array_push($msgs, _("Cannot change password!") . " (3)");
192 function GetSub($tag, $type) {
194 $str = stristr($tag, $type . "=");
195 $str = substr($str, strlen($type) +
1);
196 $str = trim($str, '"');
198 if (!strpos($str, " ") === false) {
199 $str = substr($str, 0, strpos($str, " "));
200 $str = trim($str, '"');
203 if (!(strpos($str, '"') === false)) {
204 $str = substr($str, 0, strpos($str, '"'));
207 $str = trim($str, '>');
212 function IsChecked($tag) {
214 if (!(strpos(strtolower($tag), 'checked') === false)) {