Source for file merak.php
Documentation is available at merak.php
* Merakchange password backend
* @author Edwin van Elk <edwin at eve-software.com>
* @copyright 2004-2020 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id: merak.php 14845 2020-01-07 08:09:34Z pdontthink $
* @subpackage change_password
global $merak_url, $merak_selfpage, $merak_action;
$merak_url =
"http://localhost:32000/";
$merak_selfpage =
"self.html";
$merak_action =
"self_edit";
// get overrides from config.
if ( isset
($cpw_merak) &&
is_array($cpw_merak) &&
!empty($cpw_merak) ) {
foreach ( $cpw_merak as $key =>
$value ) {
if ( isset
($
{'merak_'.
$key}) )
$
{'merak_'.
$key} =
$value;
global $squirrelmail_plugin_hooks;
$squirrelmail_plugin_hooks['change_password_dochange']['merak'] =
$squirrelmail_plugin_hooks['change_password_init']['merak'] =
* Check if php install has all required extensions.
// user_error('Curl module NOT available!', E_USER_ERROR);
error_box(_("PHP Curl extension is NOT available! Unable to change password!"));
// close html and stop script execution
$oTemplate->display('footer.tpl');
* This is the function that is specific to your backend. It takes
* the current password (as supplied by the user) and the desired
* new password. It will return an array of messages. If everything
* was successful, the array will be empty. Else, it will contain
* Constants to be used for these messages:
* CPW_CURRENT_NOMATCH -> "Your current password is not correct."
* CPW_INVALID_PW -> "Your new password contains invalid characters."
* @param array data The username/currentpw/newpw data.
* @return array Array of error messages.
// unfortunately, we can only pass one parameter to a hook function,
// so we have to pass it as an array.
$username =
$data['username'];
global $merak_url, $merak_selfpage, $merak_action;
curl_setopt ($ch, CURLOPT_URL, $merak_url .
$merak_selfpage);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_TIMEOUT, 10);
curl_setopt ($ch, CURLOPT_USERPWD, "$username:$curpw");
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
$result =
curl_exec ($ch);
if (strpos($result, "401 Access denied") <>
0) {
array_push($msgs, _("Cannot change password! (Is user 'Self Configurable User' ?) (401)"));
// Get URL from: <FORM METHOD="POST" ACTION="success.html?id=a9375ee5e445775e871d5e1401a963aa">
// Extra check to see if the result contains 'html'
array_push($msgs, _("Cannot change password!") .
" (1)" );
$newurl =
$merak_url .
$str;
// Get useraddr from: $useraddr = <INPUT TYPE="HIDDEN" NAME="usraddr" VALUE="[email protected]">
$str =
stristr($result, "usraddr");
// Extra check to see if the result contains '@'
array_push($msgs, _("Cannot change password!") .
" (2)" );
//Include (almost) all input fields from screen
$tag =
stristr($contents2, "<INPUT");
$contents2 =
stristr($contents2, "<INPUT");
if (GetSub($tag, "TYPE") ==
"TEXT" ||
GetSub($tag, "TYPE") ==
"HIDDEN" ||
GetSub($tag, "TYPE") ==
"PASSWORD") {
if ((GetSub($tag, "TYPE") ==
"RADIO" ||
GetSub($tag, "TYPE") ==
"CHECKBOX") &&
$contents2 =
substr($contents2, 1);
$tags["action"] =
$merak_action;
$tags["usraddr"] =
$useraddr;
$tags["usr_pass"] =
$newpw;
$tags["usr_conf"] =
$newpw;
foreach ($tags as $key =>
$value) {
$str2 .=
$key .
"=" .
urlencode($value) .
"&";
$str2 =
trim($str2, "&");
curl_setopt ($ch, CURLOPT_URL, $newurl);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $str2);
if (strpos($result, "Failure") <>
0) {
array_push($msgs, _("Cannot change password!") .
" (3)");
function GetSub($tag, $type) {
if (!strpos($str, " ") ===
false) {
if (!(strpos($str, '"') ===
false)) {
Documentation generated on Mon, 13 Jan 2020 04:23:03 +0100 by phpDocumentor 1.4.3