Author Topic: changepasswd_sql and MD5 passwords  (Read 10111 times)

Offline syadnom

  • Newbie
  • *
  • Posts: 6
changepasswd_sql and MD5 passwords
« on: June 16, 2009, 05:03:25 PM »
I am trying to get .3beta with changepasswd_sql going but my database uses MD5 encrypted passwords.  The readme doesnt describe how to handle MD5 passwords instead of plaintext passwords.

Can anyone help me out on this?

Offline rosali

  • Hero Member
  • *****
  • Posts: 2,533
changepasswd_sql and MD5 passwords
« Reply #1 on: June 17, 2009, 01:23:43 AM »
Do you mean how to get a md5 hash by PHP?

$md5 = md5("plain text");
Regards,
Rosali
__________________
MyRoundcube Project (commercial)

Offline techdude

  • Jr. Member
  • **
  • Posts: 38
changepasswd_sql and MD5 passwords
« Reply #2 on: July 12, 2009, 03:19:27 PM »
How do I put MD5 into the MYSQL Query?  Here is the config.inc.php file:

// query to verify current password
// this query should return 1 result - the data returned is not used, the number of rows is counted to verify success
// %u will be replaced with the users username (from RC session)
// %o will be replaced with the users current password
// %n will be replaced with the users new password
$changepasswd_config['sql_select'] = "SELECT username FROM users WHERE username='%u' AND password='%o';";

// query to update password
// %u will be replaced with the users username (from RC session)
// %o will be replaced with the users current password
// %n will be replaced with the users new password
$changepasswd_config['sql_update'] = "UPDATE users SET password='%n' WHERE username='%u' AND password='%n';";

Offline techdude

  • Jr. Member
  • **
  • Posts: 38
changepasswd_sql and MD5 passwords
« Reply #3 on: July 12, 2009, 03:58:33 PM »
Oh, and I'm using Postfixadmin

Posted via Mobile Device

Offline JohnDoh

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2,845
changepasswd_sql and MD5 passwords
« Reply #4 on: July 12, 2009, 04:17:48 PM »
have you tried this? note sure if the SQL is correct but mysql does support the md5 function.

Code: [Select]

$changepasswd_config['sql_select'] = "SELECT username FROM users WHERE username='%u' AND password=md5('%o');";
$changepasswd_config['sql_update'] = "UPDATE users SET password=md5('%n') WHERE username='%u' AND password=md5('%o');";
Roundcube Plugins: Contextmenu, SpamAssassin Prefs, and more…

Offline techdude

  • Jr. Member
  • **
  • Posts: 38
changepasswd_sql and MD5 passwords
« Reply #5 on: July 12, 2009, 06:56:24 PM »
When I tested it out it gives me: "Error: Current password incorrect:" And I am typing my password correctly...is the PostfixAdmin doing something weird with MD5?
« Last Edit: July 12, 2009, 06:58:57 PM by techdude »

Offline JohnDoh

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2,845
changepasswd_sql and MD5 passwords
« Reply #6 on: July 13, 2009, 02:26:24 PM »
the only thing i can suggest is for you to look in the save function in changepasswd_sql.php and may be get it to dump out the SQL so you can try it manually and see where it is going wrong.

I have never tried the plugin with MD5 passwords so I dont know for sure how it will work but as I said all the "work" is done in the save function in changepasswd_sql.php - if you need to change any php, that is the place to do it.

Also you might want to look at the password plugin available in the trunk, as you might have seen on my webpage I am scrapping my plugin in favour of this one since it is much better.
Roundcube Plugins: Contextmenu, SpamAssassin Prefs, and more…