Alternc  latest
Alternc logiel libre pour l'hébergement
Functions | Variables
change.php File Reference

Go to the source code of this file.

Functions

if(!function_exists("__")) _md5cr ($pass, $salt="")
 Hashe un mot de passe en clair en MD5 avec un salt aléatoire. More...
 

Variables

 $link
 
if($link) else
 
const SM_PATH '../../'
 
global $username
 
global $base_uri
 
global $key
 
global $onetimepad
 
 $errstr =""
 

Function Documentation

◆ _md5cr()

if (!function_exists("__")) _md5cr (   $pass,
  $salt = "" 
)

Hashe un mot de passe en clair en MD5 avec un salt aléatoire.

Parameters
string$passMot de passe à crypter (max 32 caractères)
Returns
string Retourne le mot de passe crypté @access private

Definition at line 20 of file change.php.

20  {
21  if (!$salt) {
22  $chars="./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
23  for ($i=0;$i<12;$i++) {
24  $salt.=substr($chars,(mt_rand(0,strlen($chars))),1);
25  }
26  $salt="$1$".$salt;
27  }
28  return crypt($pass,$salt);
29  }
30 
31 $link=mysql_connect(
32  ALTERNC_CHANGEPASS_MYSQL_HOST,
33  ALTERNC_CHANGEPASS_MYSQL_USER,
34  ALTERNC_CHANGEPASS_MYSQL_PASSWORD
35  );
36 if ($link) {
37  mysql_select_db(ALTERNC_CHANGEPASS_MYSQL_DB);
38 } else {
39  __("Can't connect to MySQL server on AlternC!");
40 }
41 
42 
43 define('SM_PATH','../../');
44 
45 /* SquirrelMail required files. */
46 require_once(SM_PATH . 'include/validate.php');
47 require_once(SM_PATH . 'functions/page_header.php');
48 require_once(SM_PATH . 'functions/imap.php');
49 require_once(SM_PATH . 'include/load_prefs.php');
50 
51  /* get globals */
52 sqgetGlobalVar('username', $username, SQ_SESSION);
53 
54 //require_once (SM_PATH . "plugins/alternc_changepass/config.php");
55 //session_start();
56 
57 textdomain("alternc");
58 
59 global $username, $base_uri, $key, $onetimepad;
60 
61 list($login,$domain)=explode("@",$username,2);
62 $errstr="";
63 
64 if ($_POST['acp_oldpass'] && $_POST['acp_newpass'] && $_POST['acp_verify']) {
65  if ($_POST['acp_newpass']!=$_POST['acp_verify']) {
66  $errstr=_("Your new passwords are differents, pleasy try again.");
67  } else {
68  // Check the old password
69  $r=mysql_query("SELECT a.password, a.id FROM address a,domaines d WHERE a.address='".addslashes($login)."' AND a.domain_id=d.id AND d.domaine='".addslashes($domain)."';");
70  echo mysql_error();
71  if (!($c=mysql_fetch_array($r))) {
72  $errstr=_("Your account has not been found, please try again later or ask an administrator.");
73  } else {
74  if ($c["password"]!=_md5cr($_POST['acp_oldpass'],$c["password"])) {
75  $errstr=_("Your current password is incorrect, please try again.");
76  } else {
77  // FIXME DO Check the password policy :
78  /*
79  if (is_callable(array($admin,"checkPolicy")) &&
80  !$admin->checkPolicy("pop",$username,$_POST['acp_newpass'])) {
81  $errstr=_("This password is not strong enough for your policy, set a stronger password or call your administrator");
82  } else {
83  */
84  // ok, let's change the password
85  $acp_newpass=$_POST['acp_newpass'];
86  $newp=_md5cr($acp_newpass);
87  mysql_query("UPDATE address SET password='".addslashes($newp)."' WHERE id=".$c["id"]." ;");
88  $errstr=_("Your password has been successfully changed. Don't forget to change it in your mail software if you are using one (Outlook, Mozilla, Thunderbird, Eudora ...)");
89 
90  // Write new cookies for the password
91  $onetimepad = OneTimePadCreate(strlen($acp_newpass));
92  sqsession_register($onetimepad,'onetimepad');
93  $key = OneTimePadEncrypt($acp_newpass, $onetimepad);
94  setcookie("key", $key, 0, $base_uri);
95  // }
96  }
97  }
98  }
99 } // POSTED data ?
$c
$c
Definition: bootstrap.php:47
$r
$r
Definition: aws_add.php:75
$errstr
$errstr
Definition: change.php:62
SM_PATH
const SM_PATH
Definition: change.php:43
$base_uri
global $base_uri
Definition: change.php:59
$onetimepad
global $onetimepad
Definition: change.php:59
$key
global $key
Definition: change.php:59
$link
$link
Definition: change.php:31
_md5cr
if(!function_exists("__")) _md5cr($pass, $salt="")
Hashe un mot de passe en clair en MD5 avec un salt aléatoire.
Definition: change.php:20
$username
global $username
Definition: change.php:59
$domain
$domain
Definition: dom_import.php:36
__
__($str)
Definition: functions.php:404
$login
$login
Definition: quotas_oneuser.php:42
$i
$i
Definition: sql_getparam.php:55

References $i.

Variable Documentation

◆ $base_uri

global $base_uri

Definition at line 59 of file change.php.

◆ $errstr

$errstr =""

Definition at line 62 of file change.php.

Referenced by m_admin\checkalldom(), and m_lxc\sendMessage().

◆ $key

global $key

Definition at line 59 of file change.php.

◆ $link

$link
Initial value:
=mysql_connect(
ALTERNC_CHANGEPASS_MYSQL_HOST,
ALTERNC_CHANGEPASS_MYSQL_USER,
ALTERNC_CHANGEPASS_MYSQL_PASSWORD
)

Definition at line 31 of file change.php.

Referenced by m_mem\ChangeMail1().

◆ $onetimepad

global $onetimepad

Definition at line 59 of file change.php.

◆ $username

global $username

Definition at line 59 of file change.php.

Referenced by m_aws\_createconf(), m_piwik\clean_user_name(), m_mem\login(), and m_mem\temporary_login().

◆ else

if ( $link) else
Initial value:
{
__("Can't connect to MySQL server on AlternC!")

Definition at line 38 of file change.php.

◆ SM_PATH

const SM_PATH '../../'

Definition at line 43 of file change.php.