X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=plugins%2Fchange_password%2Fbackend%2Fldap.php;h=f0ff7419255932f0f1a24ccb6c3aae716951d9b0;hp=d7342d26c18b63e317b4940a5fbd5463f157f18f;hb=c4faef335b2362c81b8ebf026d4066c12d70536c;hpb=4b5049de2fa934c45599d6e4c74bf2bbee10d34d

diff --git a/plugins/change_password/backend/ldap.php b/plugins/change_password/backend/ldap.php
index d7342d26..f0ff7419 100644
--- a/plugins/change_password/backend/ldap.php
+++ b/plugins/change_password/backend/ldap.php
@@ -3,7 +3,7 @@
 /**
  * Change password LDAP backend
  *
- * @copyright &copy; 2005-2007 The SquirrelMail Project Team
+ * @copyright 2005-2020 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package plugins
@@ -13,8 +13,7 @@
 /**
  * do not allow to call this file directly
  */
-if ((isset($_SERVER['SCRIPT_FILENAME']) && $_SERVER['SCRIPT_FILENAME'] == __FILE__) ||
-     (isset($HTTP_SERVER_SERVER['SCRIPT_FILENAME']) && $HTTP_SERVER_SERVER['SCRIPT_FILENAME'] == __FILE__) ) {
+if (isset($_SERVER['SCRIPT_FILENAME']) && $_SERVER['SCRIPT_FILENAME'] == __FILE__) {
     header("Location: ../../../src/login.php");
     die();
 }
@@ -22,7 +21,7 @@ if ((isset($_SERVER['SCRIPT_FILENAME']) && $_SERVER['SCRIPT_FILENAME'] == __FILE
 /** load required functions */
 
 /** sqimap_get_user_server() function */
-include_once(SM_PATH . '../functions/imap_general.php');
+include_once(SM_PATH . 'functions/imap_general.php');
 
 /** get imap server and username globals */
 global $imapServerAddress, $username;
@@ -551,7 +550,6 @@ function cpw_ldap_password_hash($pass,$crypto,&$msgs,$forced_salt='') {
     case 'smd5':
         // minimal requirement = mhash extension with md5 support and php 4.0.4.
         if( function_exists( 'mhash' ) && function_exists( 'mhash_keygen_s2k' ) && defined('MHASH_MD5')) {
-            sq_mt_seed( (double) microtime() * 1000000 );
             if ($forced_salt!='') {
                 $salt=$forced_salt;
             } else {
@@ -591,7 +589,6 @@ function cpw_ldap_password_hash($pass,$crypto,&$msgs,$forced_salt='') {
     case 'ssha':
         // minimal requirement = mhash extension and php 4.0.4
         if( function_exists( 'mhash' ) && function_exists( 'mhash_keygen_s2k' ) && defined('MHASH_SHA1')) {
-            sq_mt_seed( (double) microtime() * 1000000 );
             if ($forced_salt!='') {
                 $salt=$forced_salt;
             } else {
@@ -649,7 +646,7 @@ function cpw_ldap_password_hash($pass,$crypto,&$msgs,$forced_salt='') {
         break;
     default:
         array_push($msgs,sprintf(_("Unsupported crypto: %s"),
-                                 (is_string($ldap_crypto) ? htmlspecialchars($ldap_crypto) : _("unknown"))));
+                                 (is_string($ldap_crypto) ? sm_encode_html_special_chars($ldap_crypto) : _("unknown"))));
     }
     return $ret;
 }