Third Party Contributions > Old Style Plug-Ins
RoundCube Webmail 0.1-beta changepassword patch
igeoffi:
REPOST
originally posted by poison
this patch/plugin will allow you to change your password
please note: i did not make/create this hack therefore i am not offering any support for this hack or any gurantee that this hack will work for you
--- Quote ---When I was deploying the new corporate mailserver I needed to re-install the webmail client. We used to work with SquirrelMail (http://www.squirrelmail.org/), a very decent and extendable webmail client. But we all know that the UI of SquirrelMail is ugly, really ugly.
So after some googling I came across this new great webmail client named RoundCube (http://www.roundcube.net/). This is a new fully featured AJAX-based webmail client with a very slick UI. From the first moment I saw that RoundCube was the way to go.
After I did the installation and played around with the webclient I wanted to extend it and give the ability to my users to change their password. The basic idea was to add a tab ‘Password’ in the settings window. Since I’ve configured my mailserver (postfix) with mysql (user fields are created dynamically) it’s just a matter of updating the correct row in the database and reconnect to the IMAP server (courier-imap).
The only problem is that the framework of RoundCube is creap, and I mean really crap. It took me 6 hours to create the tab and the underlaying forms / code. Not because I work that slow but because it’s not intuitive and you have to mess in 5 files in order to add a new action (Ok, I only worked at night on it so my mind wasn’t that clear but anyway).
Below I’ve attached the patch, so if some of you want to make your own tab you can read through the patch and see how it works.
It uses an external script (ext/change_password_function.inc) with one function in it: change_password_function ($user, $currentpass, $newpass).
In my case, it just updates the postfix mailbox database but you can modify this code to fit your needs (eg. if you use the courierpassd you can connect to the password-daemon and change the user’s password here).
Enjoy it,
Nicolas
--- End quote ---
download: click here
Source: http://www.poison.be/?p=8
SKaero:
Thanks For posting this, It will be a good tool!
Hunteru:
I made a few changes in the original file to work with vpopmail (mysql).
--- Code: ---<?php
/*
+-----------------------------------------------------------------------+
| program/steps/settings/change_password.inc |
| |
| This file is part of the RoundCube Webmail client |
| Copyright (C) 2005, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
| Show edit form for a identity record or to add a new one |
| |
+-----------------------------------------------------------------------+
| Author: Nicolas Van Eenaeme <nicolas@poison.be> |
+-----------------------------------------------------------------------+
$Id: edit_identity.inc,v 1.1 2006/05/21 05:19:43 roundcube Exp $
*/
// The host of the database
define ('RCUBE_EXT_CHANGE_PASS_HOST', 'localhost');
// The username to connect to the database
define ('RCUBE_EXT_CHANGE_PASS_USER', 'user');
// The password to connect to the database
define ('RCUBE_EXT_CHANGE_PASS_PASS', 'password');
// The name of the database
define ('RCUBE_EXT_CHANGE_PASS_NAME', 'vpopmail');
// The update query. You can use '%clear%' for the clear password,
// '%md5%' for the md5 encrypted password,
// '%user%' for the username,
// '%old%' for the old password and
// '%oldmd5%' for the old md5 encrypted password.
define ('RCUBE_EXT_CHANGE_PASS_UPDATEQUERY', 'UPDATE vpopmail SET pw_clear_passwd = "%clear%", pw_passwd = "%md5%" WHERE pw_name = "%user%" AND pw_passwd = "%oldmd5%" AND pw_domain = "%domain%"');
// The select query (needed to verify the md5.
define ('RCUBE_EXT_CHANGE_PASS_SELECTQUERY', 'SELECT pw_passwd FROM vpopmail WHERE pw_name = "%user%" AND pw_domain = "%domain%"');
function split_user ($user)
{
list($s_user, $s_domain) = split('[@]', $user);
return array($s_user,$s_domain);
}
function change_password_function ($s_user, $currentpass, $newpass)
{
list ($user, $domain) = split_user ($s_user);
$dbh =& mysql_connect (RCUBE_EXT_CHANGE_PASS_HOST, RCUBE_EXT_CHANGE_PASS_USER, RCUBE_EXT_CHANGE_PASS_PASS);
if (!is_resource ($dbh))
return FALSE;
if (!mysql_select_db (RCUBE_EXT_CHANGE_PASS_NAME, $dbh))
return FALSE;
$q = str_replace (array ('%user%', '%domain%'), array ($user, $domain), RCUBE_EXT_CHANGE_PASS_SELECTQUERY);
$dbr =& mysql_query ($q, $dbh);
if (!is_resource ($dbr))
return FALSE;
$data = mysql_fetch_row ($dbr);
mysql_free_result ($dbr);
$newpassmd5 = crypt ($newpass, $data[0]);
$currentpassmd5 = crypt ($currentpass, $data[0]);
$q = str_replace (array ('%user%', '%domain%', '%clear%', '%md5%', '%old%', '%oldmd5%'), array ($user, $domain, $newpass, $newpassmd5, $currentpass, $currentpassmd5), RCUBE_EXT_CHANGE_PASS_UPDATEQUERY);
$dbr =& mysql_query ($q, $dbh);
if (!$dbr || mysql_affected_rows ($dbh) != 1)
return FALSE;
mysql_close ($dbh);
return TRUE;
}
?>
--- End code ---
Thx for the original tool. 8)
chadsmith:
Here are the changes if you are using Roundcube with hMailServer...
--- Code: ---<?php
/*
+-----------------------------------------------------------------------+
| program/steps/settings/change_password.inc |
| |
| This file is part of the RoundCube Webmail client |
| Copyright (C) 2005, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
| Show edit form for a identity record or to add a new one |
| |
+-----------------------------------------------------------------------+
| Author: Nicolas Van Eenaeme <nicolas@poison.be> |
+-----------------------------------------------------------------------+
$Id: edit_identity.inc,v 1.1 2006/05/21 05:19:43 roundcube Exp $
*/
// The host of the database
define ('RCUBE_EXT_CHANGE_PASS_HOST', 'localhost');
// The username to connect to the database
define ('RCUBE_EXT_CHANGE_PASS_USER', 'user');
// The password to connect to the database
define ('RCUBE_EXT_CHANGE_PASS_PASS', 'password');
// The name of the database
define ('RCUBE_EXT_CHANGE_PASS_NAME', 'database');
// The update query. You can use '%clear%' for the clear password,
// '%md5%' for the md5 encrypted password,
// '%user%' for the username,
// '%old%' for the old password and
// '%oldmd5%' for the old md5 encrypted password.
define ('RCUBE_EXT_CHANGE_PASS_UPDATEQUERY', 'UPDATE hm_accounts SET accountpassword = "%md5%" WHERE accountaddress = "%user%" AND accountpassword = "%oldmd5%"');
// The select query (needed to verify the md5.
define ('RCUBE_EXT_CHANGE_PASS_SELECTQUERY', 'SELECT accountpassword FROM hm_accounts WHERE accountaddress = "%user%"');
function change_password_function ($user, $currentpass, $newpass)
{
$dbh =& mysql_connect (RCUBE_EXT_CHANGE_PASS_HOST, RCUBE_EXT_CHANGE_PASS_USER, RCUBE_EXT_CHANGE_PASS_PASS);
if (!is_resource ($dbh))
return FALSE;
if (!mysql_select_db (RCUBE_EXT_CHANGE_PASS_NAME, $dbh))
return FALSE;
$q = str_replace ('%user%', $user, RCUBE_EXT_CHANGE_PASS_SELECTQUERY);
$dbr =& mysql_query ($q, $dbh);
if (!is_resource ($dbr))
return FALSE;
$data = mysql_fetch_row ($dbr);
mysql_free_result ($dbr);
$newpassmd5 = md5($newpass);
$currentpassmd5 = md5($currentpass);
$q = str_replace (array ('%user%', '%clear%', '%md5%', '%old%', '%oldmd5%'), array ($user, $newpass, $newpassmd5, $currentpass, $currentpassmd5), RCUBE_EXT_CHANGE_PASS_UPDATEQUERY);
$dbr =& mysql_query ($q, $dbh);
if (!$dbr || mysql_affected_rows ($dbh) != 1)
return FALSE;
mysql_close ($dbh);
return TRUE;
}
?>
--- End code ---
Rick:
I can use one of these Password patches if my server uses Qmail? I use a Virtual Server provided by a hosting company and can access the backend via Plesk configurations. The server comes with Horde (ugly interface) to handle "webmail functions." I am using RoundCube for my site members, but have to refer them to Horde to be able make a password change on their own. Can one of these patched noted here allow my members to change their email through RoundCube. If the change is made via RoundCube/MySQL, does it change it everywhere like Horde does or just on MySQL? Sorry, if I should know this. I would love to just forget Horde, but it is the only option I have at the moment to let members change their own PWs.
Any advice or suggestions will be greatly apprecaited. -- Rick
Navigation
[0] Message Index
[#] Next page
Go to full version