Add merak backend by E. van Elk, fix a bug and some cosmetic changes. The

plugin is now ready for addition of all the backends.

plugins/change_password/backend/merak.php

@@ -0,0 +1,184 @@
+<?php
+/* Merakchange password backend
+ * Author: Edwin van Elk <Edwin@eve-software.com>
+ */
+
+/**
+ * Config vars
+ */
+
+global $merak_url, $merak_selfpage, $merak_action;
+
+// The Merak Server
+
+$merak_url = "http://localhost:32000/";
+$merak_selfpage = "self.html";
+$merak_action = "self_edit";
+
+// NO NEED TO CHANGE ANYTHING BELOW THIS LINE
+
+global $squirrelmail_plugin_hooks;
+$squirrelmail_plugin_hooks['change_password_dochange']['merak'] = 
+   'cpw_merak_dochange';
+
+/**
+ * This is the function that is specific to your backend. It takes
+ * the current password (as supplied by the user) and the desired
+ * new password. It will return an array of messages. If everything
+ * was successful, the array will be empty. Else, it will contain
+ * the errormessage(s).
+ * Constants to be used for these messages:
+ * CPW_CURRENT_NOMATCH -> "Your current password is not correct."
+ * CPW_INVALID_PW -> "Your new password contains invalid characters."
+ *
+ * @param array data The username/currentpw/newpw data. 
+ * @return array Array of error messages.
+ */
+function cpw_merak_dochange($data)
+{
+   // unfortunately, we can only pass one parameter to a hook function,
+   // so we have to pass it as an array.
+   $username = $data['username'];
+   $curpw = $data['curpw'];
+   $newpw = $data['newpw'];
+
+   $msgs = array();
+
+   global $merak_url, $merak_selfpage, $merak_action, $use_ssl_for_password_change, $debug;
+
+   if (!function_exists('curl_init')) {
+
+      // user_error('Curl module NOT available!', E_USER_ERROR);
+      array_push($msgs, _("Curl module NOT available! Unable to change password!"));
+      return $msgs;
+   }
+
+   $ch = curl_init();
+   curl_setopt ($ch, CURLOPT_URL, $merak_url . $merak_selfpage);
+   curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
+   curl_setopt ($ch, CURLOPT_TIMEOUT, 10);
+   curl_setopt ($ch, CURLOPT_USERPWD, "$username:$curpw");
+   curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
+   $result = curl_exec ($ch);
+   curl_close ($ch);
+
+   if (strpos($result, "401 Access denied") <> 0) {
+      array_push($msgs, _("Cannot change password! (Is user 'Self Configurable User' ?) (401)"));
+      return $msgs;
+   }
+
+   // Get URL from: <FORM METHOD="POST" ACTION="success.html?id=a9375ee5e445775e871d5e1401a963aa">
+
+   $str = stristr($result, "<FORM");
+   $str = substr($str, 0, strpos($str, ">") + 1);
+   $str = stristr($str, "ACTION=");
+   $str = substr(stristr($str, "\""),1);
+   $str = substr($str, 0, strpos($str, "\""));
+
+   // Extra check to see if the result contains 'html'
+   if (!stristr($str, "html")) {
+      array_push($msgs, _("Cannot change password!") . " (1)" );
+      return $msgs;
+   }
+
+   $newurl = $merak_url . $str;
+
+   // Get useraddr from: $useraddr = <INPUT TYPE="HIDDEN" NAME="usraddr" VALUE="mail@hostname.com">
+
+   $str = stristr($result, "usraddr");
+   $str = substr($str, 0, strpos($str, ">") + 1);
+   $str = stristr($str, "VALUE=");
+   $str = substr(stristr($str, "\""),1);
+   $str = substr($str, 0, strpos($str, "\""));
+
+   // Extra check to see if the result contains '@'
+   if (!stristr($str, "@")) {
+      array_push($msgs, _("Cannot change password!") . " (2)" );
+      return $msgs;
+   }
+
+   $useraddr = $str;
+
+   //Include (almost) all input fields from screen
+
+   $contents2 = $result;
+
+   $tag = stristr($contents2, "<INPUT");
+
+   while ($tag) {
+      $contents2 = stristr($contents2, "<INPUT");
+      $tag = substr($contents2, 0, strpos($contents2, ">") + 1);
+
+      if (GetSub($tag, "TYPE") == "TEXT" ||
+          GetSub($tag, "TYPE") == "HIDDEN" ||
+          GetSub($tag, "TYPE") == "PASSWORD") {
+         $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
+      }
+
+      if ((GetSub($tag, "TYPE") == "RADIO" ||
+           GetSub($tag, "TYPE") == "CHECKBOX") &&
+          IsChecked($tag)) {
+         $tags[GetSub($tag, "NAME")] = GetSub($tag, "VALUE");
+      }
+      $contents2 = substr($contents2, 1);
+   }
+
+   $tags["action"]   = $merak_action;
+   $tags["usraddr"]  = $useraddr;
+   $tags["usr_pass"] = $newpw;
+   $tags["usr_conf"] = $newpw;
+
+   $str2 = "";
+   foreach ($tags as $key => $value) {
+      $str2 .= $key . "=" . urlencode($value) . "&";
+   }
+
+   $str2 = trim($str2, "&");
+
+   // Change password!
+
+   $ch = curl_init();
+   curl_setopt ($ch, CURLOPT_URL, $newurl);
+   curl_setopt ($ch, CURLOPT_POST, 1);
+   curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
+   curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
+   curl_setopt ($ch, CURLOPT_POSTFIELDS, $str2);
+   $result=curl_exec ($ch);
+   curl_close ($ch);
+
+   if (strpos($result, "Failure") <> 0) {
+     array_push($msgs, _("Cannot change password!") .  " (3)");
+     return $msgs;
+   }
+
+   return $msgs;
+}
+
+function GetSub($tag, $type) {
+
+   $str = stristr($tag, $type . "=");
+   $str = substr($str, strlen($type) + 1);
+   $str = trim($str, '"');
+
+   if (!strpos($str, " ") === false) {
+      $str = substr($str, 0, strpos($str, " "));
+      $str = trim($str, '"');
+   }
+
+   if (!(strpos($str, '"') === false)) {
+      $str = substr($str, 0, strpos($str, '"'));
+   }
+
+   $str = trim($str, '>');
+
+   return $str;
+}
+
+function IsChecked($tag) {
+
+   if (!(strpos(strtolower($tag), 'checked') === false)) {
+      return true;
+   }
+
+   return false;
+}

plugins/change_password/functions.php

@@ -1,10 +1,22 @@
 <?php
 
+/**
+ * functions.php - Change Password plugin
+ *
+ * Copyright (c) 2003-2004 The SquirrelMail Project Team
+ * Licensed under the GNU GPL. For full terms see the file COPYING.
+ *
+ * $Id$
+ * @package plugins
+ * @subpackage change_password
+ */
+
 /**
  * Will verify the input against a set of criteria:
  * is every field supplied, does verify password match,
  * does current password validate, ..
- * These criteria are for now backend-independant.
+ * These criteria are (for now) backend-independant.
+ *
  * @return array Array with zero or more error messages.
  */
 function cpw_check_input()
@@ -41,9 +53,9 @@ function cpw_check_input()
     }
 
     // do we need to do checks that are backend-specific and should
-    // be handled by a hook? I know of none now, but if there's a need
-    // for it we can add a hook for that here.
-    // those checks can also be done in the backend dochange() function.
+    // be handled by a hook? I know of none now, bnd those checks can
+    // also be done in the backend dochange() function. If there turns
+    // out to be a need for it we can add a hook for that here.
 
     return $msg;
 }
@@ -61,8 +73,8 @@ define('CPW_INVALID_PW', _("Your new password contains invalid characters."));
 function cpw_do_change()
 {
     global $cpw_backend;
-    sqgetGlobalVar('cpw_current', $curpw,      SQ_POST);
-    sqgetGlobalVar('cpw_new',     $newpw,      SQ_POST);
+    sqgetGlobalVar('cpw_curpass', $curpw,      SQ_POST);
+    sqgetGlobalVar('cpw_newpass', $newpw,      SQ_POST);
     sqgetGlobalVar('base_uri',    $base_uri,   SQ_SESSION);
     sqgetGlobalVar('onetimepad',  $onetimepad, SQ_SESSION);
     sqgetGlobalVar('key',         $key,        SQ_COOKIE);

plugins/change_password/index.php

@@ -12,6 +12,7 @@
  *
  * $Id$
  * @package plugins
+ * @subpackage change_password
  */
 
 header("Location:../index.php");

plugins/change_password/options.php

@@ -1,5 +1,16 @@
 <?php
 
+/**
+ * options.php - Change Password HTML page
+ *
+ * Copyright (c) 2004 The SquirrelMail Project Team
+ * Licensed under the GNU GPL. For full terms see the file COPYING.
+ *
+ * $Id$
+ * @package plugins
+ * @subpackage change_password
+ */
+
 define('SM_PATH','../../');
 
 include_once (SM_PATH . 'include/validate.php');
@@ -9,8 +20,10 @@ include_once (SM_PATH . 'plugins/change_password/config.php');
 
 /* the form was submitted, go for it */
 if(sqgetGlobalVar('cpw_go', $cpw_go, SQ_POST)) {
+
     /* perform basic checks */
     $Messages = cpw_check_input();
+    
     /* if no errors, go ahead with the actual change */
     if(count($Messages) == 0) {
         $Messages = cpw_do_change();

plugins/change_password/setup.php

@@ -1,12 +1,17 @@
 <?php
 
-/*
- * Generic Change Password plugin
+/**
+ * setup.php - Generic Change Password plugin
+ *
+ * Copyright (c) 2003-2004 The SquirrelMail Project Team
+ * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * This plugin aims to provide a general framework for all password
  * changing methods that currently have their own plugins.
  *
- * $Id $
+ * $Id$
+ * @package plugins
+ * @subpackage change_password
  */
 
 function squirrelmail_plugin_init_change_password() {
@@ -27,5 +32,5 @@ function change_password_optpage() {
 }
 
 function change_password_version() {
-    return '0.1';
+    return '0.2';
 }

plugins/change_password/version

@@ -1,2 +1,2 @@
 Change Password
-0.1
+0.2