diff --git a/plugins/vpopmail-change-password/ChangePasswordVpopmailDriver.php b/plugins/vpopmail-change-password/ChangePasswordVpopmailDriver.php new file mode 100755 index 000000000..aa7529bd3 --- /dev/null +++ b/plugins/vpopmail-change-password/ChangePasswordVpopmailDriver.php @@ -0,0 +1,229 @@ +mHost = $mHost; + return $this; + } + + /** + * @param string $mUser + * + * @return \ChangePasswordVpopmailDriver + */ + public function SetmUser($mUser) + { + $this->mUser = $mUser; + return $this; + } + + /** + * @param string $mPass + * + * @return \ChangePasswordVpopmailDriver + */ + public function SetmPass($mPass) + { + $this->mPass = $mPass; + return $this; + } + + /** + * @param string $mDatabase + * + * @return \ChangePasswordVpopmailDriver + */ + public function SetmDatabase($mDatabase) + { + $this->mDatabase = $mDatabase; + return $this; + } + + /** + * @param string $mTable + * + * @return \ChangePasswordVpopmailDriver + */ + public function SetmTable($mTable) + { + $this->mTable = $mTable; + return $this; + } + + /** + * @param string $mColumn + * + * @return \ChangePasswordVpopmailDriver + */ + public function SetmColumn($mColumn) + { + $this->mColumn = $mColumn; + return $this; + } + + /** + * @param \MailSo\Log\Logger $oLogger + * + * @return \ChangePasswordVpopmailDriver + */ + public function SetLogger($oLogger) + { + if ($oLogger instanceof \MailSo\Log\Logger) + { + $this->oLogger = $oLogger; + } + + return $this; + } + + /** + * @param array $aDomains + * + * @return bool + */ + public function SetAllowedDomains($aDomains) + { + if (\is_array($aDomains) && 0 < \count($aDomains)) + { + $this->aDomains = $aDomains; + } + + return $this; + } + + /** + * @param \RainLoop\Account $oAccount + * + * @return bool + */ + public function PasswordChangePossibility($oAccount) + { + return $oAccount && $oAccount->Domain() && + \in_array(\strtolower($oAccount->Domain()->Name()), $this->aDomains); + } + + /** + * @param \RainLoop\Account $oAccount + * @param string $sPrevPassword + * @param string $sNewPassword + * + * @return bool + */ + public function ChangePassword(\RainLoop\Account $oAccount, $sPrevPassword, $sNewPassword) + { + if ($this->oLogger) + { + $this->oLogger->Write('Try to change password for '.$oAccount->Email()); + } + + $bResult = false; + + $dsn = 'mysql:host='.$this->mHost.';dbname='.$this->mDatabase.';charset=utf8'; + $options = array( + PDO::ATTR_EMULATE_PREPARES => false, + PDO::ATTR_PERSISTENT => true, + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION + ); + + try + { + $conn = new PDO($dsn,$this->mUser,$this->mPass,$options); + + $select = $conn->prepare("SELECT $this->mColumn FROM $this->mTable WHERE pw_name=? AND pw_domain=? LIMIT 1"); + + $email_parts = explode("@", $oAccount->Email()); + + $select->execute(array( + $email_parts[0], + $email_parts[1] + )); + + $colCrypt = $select->fetchAll(PDO::FETCH_ASSOC); + $sCryptPass = $colCrypt[0][$this->mColumn]; + + if (0 < strlen($sCryptPass) && crypt($sPrevPassword, $sCryptPass) === $sCryptPass /*&& 7 < mb_strlen($sNewPassword) && 20 > mb_strlen($sNewPassword) && !preg_match('/[^A-Za-z0-9]+/', $sNewPassword)*/) + { + + $update = $conn->prepare('UPDATE '.$this->mTable.' SET '.$this->mColumn.'=ENCRYPT(?,concat("$1$",right(md5(rand()), 8 ),"$")), pw_clear_passwd=\'\' WHERE pw_name=? AND pw_domain=?'); + $update->execute(array( + $sNewPassword, + $email_parts[0], + $email_parts[1] + )); + + + + $bResult = true; + if ($this->oLogger) + { + $this->oLogger->Write('Success! Password changed.'); + } + } + else + { + $bResult = false; + if ($this->oLogger) + { + $this->oLogger->Write('Something went wrong. Either current password is incorrect, or new password does not match criteria.'); + } + } + + } + catch (\Exception $oException) + { + $bResult = false; + if ($this->oLogger) + { + $this->oLogger->WriteException($oException); + } + } + + return $bResult; + } +} diff --git a/plugins/vpopmail-change-password/LICENSE b/plugins/vpopmail-change-password/LICENSE new file mode 100755 index 000000000..6739d4b4e --- /dev/null +++ b/plugins/vpopmail-change-password/LICENSE @@ -0,0 +1,20 @@ +The MIT License (MIT) + +Copyright (c) 2015 Almas at Dusal.net + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/plugins/vpopmail-change-password/VERSION b/plugins/vpopmail-change-password/VERSION new file mode 100755 index 000000000..d3827e75a --- /dev/null +++ b/plugins/vpopmail-change-password/VERSION @@ -0,0 +1 @@ +1.0 diff --git a/plugins/vpopmail-change-password/index.php b/plugins/vpopmail-change-password/index.php new file mode 100755 index 000000000..8f85a9fea --- /dev/null +++ b/plugins/vpopmail-change-password/index.php @@ -0,0 +1,71 @@ +addHook('main.fabrica', 'MainFabrica'); + } + + /** + * @param string $sName + * @param mixed $oProvider + */ + public function MainFabrica($sName, &$oProvider) + { + switch ($sName) + { + case 'change-password': + + include_once __DIR__.'/ChangePasswordVpopmailDriver.php'; + + $oProvider = new ChangePasswordVpopmailDriver(); + + $sDomains = \strtolower(\trim(\preg_replace('/[\s;,]+/', ' ', + $this->Config()->Get('plugin', 'domains', '')))); + + if (0 < \strlen($sDomains)) + { + $aDomains = \explode(' ', $sDomains); + $oProvider->SetAllowedDomains($aDomains); + } + + $oProvider + ->SetLogger($this->Manager()->Actions()->Logger()) + ->SetmHost($this->Config()->Get('plugin', 'mHost', '')) + ->SetmUser($this->Config()->Get('plugin', 'mUser', '')) + ->SetmPass($this->Config()->Get('plugin', 'mPass', '')) + ->SetmDatabase($this->Config()->Get('plugin', 'mDatabase', '')) + ->SetmTable($this->Config()->Get('plugin', 'mTable', '')) + ->SetmColumn($this->Config()->Get('plugin', 'mColumn', '')) + ; + + break; + } + } + + /** + * @return array + */ + public function configMapping() + { + return array( + \RainLoop\Plugins\Property::NewInstance('domains')->SetLabel('Allowed Domains') + ->SetType(\RainLoop\Enumerations\PluginPropertyType::STRING_TEXT) + ->SetDescription('Allowed domains, space as delimiter') + ->SetDefaultValue('* gmail.com yahoo.com dusal.net'), + \RainLoop\Plugins\Property::NewInstance('mHost')->SetLabel('MySQL Host') + ->SetDefaultValue('localhost'), + \RainLoop\Plugins\Property::NewInstance('mUser')->SetLabel('MySQL User') + ->SetDefaultValue('vpopmail'), + \RainLoop\Plugins\Property::NewInstance('mPass')->SetLabel('MySQL Password') + ->SetType(\RainLoop\Enumerations\PluginPropertyType::PASSWORD), + \RainLoop\Plugins\Property::NewInstance('mDatabase')->SetLabel('MySQL Database') + ->SetDefaultValue('vpopmail'), + \RainLoop\Plugins\Property::NewInstance('mTable')->SetLabel('MySQL Table') + ->SetDefaultValue('vpopmail'), + \RainLoop\Plugins\Property::NewInstance('mColumn')->SetLabel('MySQL Column') + ->SetDefaultValue('pw_passwd') + ); + } +}