Source for file peardb.php
Documentation is available at peardb.php
* Change password PearDB backend
* @copyright 2005-2020 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id: peardb.php 14845 2020-01-07 08:09:34Z pdontthink $
* @subpackage change_password
* Global is needed because library must be loaded before configuration
* in order to use DB constants.
global $cpw_peardb_detect;
$cpw_peardb_detect=
@include_once('DB.php');
/** declare configuration globals */
global $cpw_peardb_dsn, $cpw_peardb_connect_opts, $cpw_peardb_table,
$cpw_peardb_uid_field, $cpw_peardb_domain_field, $cpw_peardb_passwd_field,
$cpw_peardb_crypted_passwd, $cpw_peardb_debug;
* Any format supported by peardb
* @global mixed $cpw_peardb_dsn
* Pear DB connection options
* @global array $cpw_peardb_connect_opts
$cpw_peardb_connect_opts=
array();
* Table that stores user information
* @global string $cpw_peardb_table
* Field that stores user name
* @global string $cpw_peardb_uid_field
$cpw_peardb_uid_field=
'userid';
* Field that stores domain part of username
* @global string $cpw_peardb_domain_field
$cpw_peardb_domain_field=
'';
* Field that stores password
* @global string $cpw_peardb_passwd_field
$cpw_peardb_passwd_field=
'password';
* Passwords are plaintext or encrypted
* @global boolean $cpw_peardb_crypted_passwd
$cpw_peardb_crypted_passwd=
false;
* Controls output debugging errors
* Error messages might contain login and password information.
* Don't enable on production systems.
* @global boolean $cpw_peardb_debug
/** configuration overrides */
if ( isset
($cpw_peardb) &&
is_array($cpw_peardb) &&
!empty($cpw_peardb) ) {
if (isset
($cpw_peardb['dsn']))
$cpw_peardb_dsn=
$cpw_peardb['dsn'];
if (isset
($cpw_peardb['connect_opts']))
$cpw_peardb_connect_opts=
$cpw_peardb['connect_opts'];
if (isset
($cpw_peardb['table']))
$cpw_peardb_table=
$cpw_peardb['table'];
if (isset
($cpw_peardb['uid_field']))
$cpw_peardb_uid_field=
$cpw_peardb['uid_field'];
if (isset
($cpw_peardb['domain_field']))
$cpw_peardb_domain_field=
$cpw_peardb['domain_field'];
if (isset
($cpw_peardb['password_field']))
$cpw_peardb_passwd_field=
$cpw_peardb['password_field'];
if (isset
($cpw_peardb['crypted_passwd']))
$cpw_peardb_crypted_passwd=
true;
if (isset
($cpw_peardb['debug']))
$cpw_peardb_debug=
$cpw_peardb['debug'];
* Define here the name of your password changing function.
global $squirrelmail_plugin_hooks;
$squirrelmail_plugin_hooks['change_password_dochange']['peardb'] =
$squirrelmail_plugin_hooks['change_password_init']['peardb'] =
* Checks if configuration is correct
if (! $cpw_peardb_detect) {
error_box(_("Plugin is unable to use PHP Pear DB libraries. PHP Pear includes must be available in your PHP include_path setting."));
$oTemplate->display('footer.tpl');
// Test required settings
||
trim($cpw_peardb_table)==
'' ) {
error_box(_("Required change password backend configuration options are missing."));
$oTemplate->display('footer.tpl');
* @param array data The username/curpw/newpw data.
* @return array Array of error messages.
$username =
$data['username'];
// split user and domain parts from username, if domain field is set and username looks like email.
if ($cpw_peardb_domain_field!=
'' &&
preg_match("/(.*)@(.*)/",$username,$match)) {
// connect to database and make sure that table exists
$cpw_db =
DB::connect($cpw_peardb_dsn, $cpw_peardb_connect_opts);
if (PEAR::isError($cpw_db)) {
$table_info =
$cpw_db->tableinfo($cpw_peardb_table);
if (PEAR::isError($table_info)) {
if (empty($table_info)) {
$cpw_peardb_uid_check=
false;
$cpw_peardb_passwd_check=
false;
$cpw_peardb_domain_check=
(($cpw_peardb_domain_field==
'')?
true :
false);
foreach($table_info as $key =>
$field_data) {
if ($field_data['name']==
$cpw_peardb_uid_field)
$cpw_peardb_uid_check=
true;
if ($field_data['name']==
$cpw_peardb_passwd_field)
$cpw_peardb_passwd_check=
true;
if ($cpw_peardb_domain_field!=
'' &&
$field_data['name']==
$cpw_peardb_domain_field)
$cpw_peardb_domain_check=
true;
if (! $cpw_peardb_uid_check) {
if (! $cpw_peardb_passwd_check) {
if (! $cpw_peardb_domain_check) {
.
' '.
$cpw_db->quoteIdentifier($cpw_peardb_uid_field)
.
', '.
$cpw_db->quoteIdentifier($cpw_peardb_passwd_field)
.
(($cpw_peardb_domain_field!=
'') ?
', '.
$cpw_db->quoteIdentifier($cpw_peardb_domain_field):
'')
.
' FROM '.
$cpw_db->quoteIdentifier($cpw_peardb_table)
.
$cpw_db->quoteIdentifier($cpw_peardb_uid_field).
'='.
$cpw_db->quoteSmart($user)
.
(($cpw_peardb_domain_field!=
'') ?
' AND '.
$cpw_db->quoteIdentifier($cpw_peardb_domain_field).
'='.
$cpw_db->quoteSmart($user_domain):
$cpw_res=
$cpw_db->query($query);
if (PEAR::isError($cpw_res)) {
// make sure that there is only one user.
if ($cpw_res->numRows()==
0) {
array_push($msgs,_("Unable to find user in user table."));
if ($cpw_res->numRows()>
1) {
array_push($msgs,_("Too many matches found in user table."));
// FIXME: process possible errors
$cpw_res->fetchInto($userdb,DB_FETCHMODE_ASSOC);
if ($cpw_peardb_crypted_passwd) {
array_push($msgs,_("Unable to detect password crypto algorithm."));
if ($hashed_pw==
$userdb[$cpw_peardb_passwd_field]) {
} elseif ($userdb[$cpw_peardb_passwd_field]==
$curpw) {
if ($cpw_peardb_crypted_passwd) {
// make sure that password was created
array_push($msgs,_("Unable to encrypt new password."));
.
$cpw_db->quoteIdentifier($cpw_peardb_table)
.
' SET '.
$cpw_db->quoteIdentifier($cpw_peardb_passwd_field)
.
'='.
$cpw_db->quoteSmart($hashed_passwd)
.
' WHERE '.
$cpw_db->quoteIdentifier($cpw_peardb_uid_field)
.
'='.
$cpw_db->quoteSmart($user)
.
(($cpw_peardb_domain_field!=
'') ?
' AND '.
$cpw_db->quoteIdentifier($cpw_peardb_domain_field).
'='.
$cpw_db->quoteSmart($user_domain) :
$cpw_res=
$cpw_db->query($update_query);
// check for update error
if (PEAR::isError($cpw_res)) {
// close database connection
* Detects password crypto
* reports 'crypt' if fails to detect any other crypt
* @param string $password
if (preg_match("/^\{(.+)\}+/",$password,$crypto)) {
// {CRYPT} can be standard des crypt, extended des crypt, md5 crypt or blowfish
// depends on first salt symbols (ext_des = '_', md5 = '$1$', blowfish = '$2')
// and length of salt (des = 2 chars, ext_des = 9, md5 = 12, blowfish = 16).
if (preg_match("/^\{crypt\}\\\$1\\\$+/i",$password)) {
} elseif (preg_match("/^\{crypt\}\\\$2+/i",$password)) {
} elseif (preg_match("/^\{crypt\}_+/i",$password)) {
* @param string $password plain text password
* @param string $crypto used crypto
* @param array $msgs error messages
* @param string $forced_salt old password used to create password hash for verification
* @return string hashed password. false, if hashing fails
// extra symbols used for random string in crypt salt
// squirrelmail GenerateRandomString() adds alphanumerics with third argument = 7.
$ret=
'{PLAIN-MD5}' .
md5($password);
// split username into user and domain parts
$ret=
'{DIGEST-MD5}' .
md5($match[1].
':'.
$match[2].
':'.
$password);
array_push($msgs,_("Unable to use digest-md5 crypto."));
if (! defined('CRYPT_STD_DES') ||
CRYPT_STD_DES==
0) {
$ret =
($crypto==
'tagged_crypt' ?
'{crypt}' :
'');
$ret.=
crypt($password,$salt);
if (! defined('CRYPT_MD5') ||
CRYPT_MD5==
0) {
$ret =
($crypto==
'tagged_md5crypt' ?
'{crypt}' :
'');
$ret.=
crypt($password,$salt);
if (! defined('CRYPT_EXT_DES') ||
CRYPT_EXT_DES==
0) {
$ret =
($crypto==
'tagged_extcrypt' ?
'{crypt}' :
'');
$ret.=
crypt($password,$salt);
if (! defined('CRYPT_BLOWFISH') ||
CRYPT_BLOWFISH==
0) {
$ret =
($crypto==
'tagged_blowfish' ?
'{crypt}' :
'');
$ret.=
crypt($password,$salt);
Documentation generated on Mon, 13 Jan 2020 04:23:20 +0100 by phpDocumentor 1.4.3