Merge pull request #1888 from hifihedgehog/master

Added CyberPanel password changing plugin

plugins/change-password-cyberpanel/ChangePasswordCyberPanel.php

@@ -0,0 +1,138 @@
+<?php
+
+class ChangePasswordCyberPanel implements \RainLoop\Providers\ChangePassword\ChangePasswordInterface
+{
+	/**
+	 * @var string
+	 */
+	private $mHost = '127.0.0.1';
+
+	/**
+	 * @var string
+	 */
+	private $mUser = '';
+
+	/**
+	 * @var string
+	 */
+	private $mPass = '';
+
+	/**
+	 * @var \MailSo\Log\Logger
+	 */
+	private $oLogger = null;
+
+	/**
+	 * @param string $mHost
+	 *
+	 * @return \ChangePasswordCyberPanel
+	 */
+	public function SetmHost($mHost)
+	{
+		$this->mHost = $mHost;
+		return $this;
+	}
+
+	/**
+	 * @param string $mUser
+	 *
+	 * @return \ChangePasswordCyberPanel
+	 */
+	public function SetmUser($mUser)
+	{
+		$this->mUser = $mUser;
+		return $this;
+	}
+
+	/**
+	 * @param string $mPass
+	 *
+	 * @return \ChangePasswordCyberPanel
+	 */
+	public function SetmPass($mPass)
+	{
+		$this->mPass = $mPass;
+		return $this;
+	}
+
+	/**
+	 * @param \MailSo\Log\Logger $oLogger
+	 *
+	 * @return \ChangePasswordCyberPanel
+	 */
+	public function SetLogger($oLogger)
+	{
+		if ($oLogger instanceof \MailSo\Log\Logger)
+		{
+			$this->oLogger = $oLogger;
+		}
+
+		return $this;
+	}
+
+	/**
+	 * @param \RainLoop\Account $oAccount
+	 *
+	 * @return bool
+	 */
+	public function PasswordChangePossibility($oAccount)
+	{
+		return $oAccount && $oAccount->Email();
+	}
+
+	/**
+	 * @param \RainLoop\Account $oAccount
+	 * @param string $sPrevPassword
+	 * @param string $sNewPassword
+	 *
+	 * @return bool
+	 */
+	public function ChangePassword(\RainLoop\Account $oAccount, $sPrevPassword, $sNewPassword)
+	{
+		if ($this->oLogger)
+		{
+			$this->oLogger->Write('Try to change password for '.$oAccount->Email());
+		}
+
+		$bResult = false;
+		$db = mysqli_connect($this->mHost, $this->mUser, $this->mPass, 'cyberpanel');
+
+		try
+		{
+			$sEmail = mysqli_real_escape_string($db, $oAccount->Email());
+			$sEmailUser = mysqli_real_escape_string($db, \MailSo\Base\Utils::GetAccountNameFromEmail($sEmail));
+			$sEmailDomain = mysqli_real_escape_string($db, \MailSo\Base\Utils::GetDomainFromEmail($sEmail));
+
+			$password_check_query = "SELECT * FROM e_users WHERE emailOwner_id = '$sEmailDomain' AND email = '$sEmail'";
+			$result = mysqli_query($db, $password_check_query);
+			$password_check = mysqli_fetch_assoc($result);
+            
+			if (password_verify($sPrevPassword, substr($password_check['password'], 7))) {
+				$hashed_password = mysqli_real_escape_string($db, '{CRYPT}'.password_hash($sNewPassword, PASSWORD_BCRYPT, ['cost' => 12,]));
+				$password_update_query = "UPDATE e_users SET password = '$hashed_password' WHERE emailOwner_id = '$sEmailDomain' AND email = '$sEmail'";
+				mysqli_query($db, $password_update_query);
+				$bResult = true;
+				if ($this->oLogger)
+				{
+					$this->oLogger->Write('Success! The password was changed.');
+				}
+			} else {
+				$bResult = false;
+				if ($this->oLogger)
+				{
+					$this->oLogger->Write('Something went wrong. Either the current password is incorrect or the new password does not meet the criteria.');
+				}
+			}
+		}
+		catch (\Exception $oException)
+		{
+			$bResult = false;
+			if ($this->oLogger)
+			{
+				$this->oLogger->WriteException($oException);
+			}
+		}
+		
+		return $bResult;
+	}
+}

plugins/change-password-cyberpanel/LICENSE

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2019 David Forbush
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

plugins/change-password-cyberpanel/README

@@ -0,0 +1 @@
+This plugin allows you to change passwords of email accounts managed by CyberPanel web panel software

plugins/change-password-cyberpanel/README.md

@@ -0,0 +1,10 @@
+RainLoop CyberPanel Password Changing Plugin
+============================================
+
+This plugin adds password changing capability to RainLoop webmail for servers running CyberPanel web panel software.
+
+##### Installation is simple:
+
+1. Place the change-password-cyberpanel folder in the plugins directory (e.g. _RainLoopDir_/data/data_xxxxx/_default/plugins/*).
+2. In RainLoop administration panel, go to Plugins and activate change-password-cyberpanel.
+3. Enter CyberPanel's SQL user details on the plugin configuration screen.

plugins/change-password-cyberpanel/VERSION

@@ -0,0 +1 @@
+1.1

plugins/change-password-cyberpanel/index.php

@@ -0,0 +1,44 @@
+<?php
+
+class ChangePasswordCyberPanelPlugin extends \RainLoop\Plugins\AbstractPlugin
+{
+	public function Init()
+	{
+		$this->addHook('main.fabrica', 'MainFabrica');
+	}
+
+	/**
+	 * @param string $sName
+	 * @param mixed $oProvider
+	 */
+	public function MainFabrica($sName, &$oProvider)
+	{
+		switch ($sName)
+		{
+			case 'change-password':
+				include_once __DIR__.'/ChangePasswordCyberPanel.php';
+				$oProvider = new ChangePasswordCyberPanel();
+				$oProvider
+					->SetLogger($this->Manager()->Actions()->Logger())
+					->SetmHost($this->Config()->Get('plugin', 'mHost', ''))
+					->SetmUser($this->Config()->Get('plugin', 'mUser', ''))
+					->SetmPass($this->Config()->Get('plugin', 'mPass', ''))
+				;
+			break;
+		}
+	}
+
+	/**
+	 * @return array
+	 */
+	public function configMapping()
+	{
+		return array(
+			\RainLoop\Plugins\Property::NewInstance('mHost')->SetLabel('MySQL Host')
+				->SetDefaultValue('127.0.0.1'),
+			\RainLoop\Plugins\Property::NewInstance('mUser')->SetLabel('MySQL User'),
+			\RainLoop\Plugins\Property::NewInstance('mPass')->SetLabel('MySQL Password')
+				->SetType(\RainLoop\Enumerations\PluginPropertyType::PASSWORD)
+		);
+	}
+}