Hello,
I have the latest stable install running on a LAMP server (FREEBSD). I activated the password plugin and set
$rcmail_config['password_query'] = 'UPDATE email_boxes SET pass=encrypt("%p") WHERE id=( SELECT box_id AS id FROM email_addresses WHERE local_part="%l" AND domain="%d" )';
The above query does work when I command line login to mysql as the roundcube user and manualy replace the macros with string values. However, when I try to change the password using the roundcube plugin it fails. I get a log entry of this:
MDB2 Error: unknown error (-1): _doQuery: [Error message: Could not execute statement]\n[Last executed query: EXECUTE mdb2_statement_mysql_3297cb4b9d57d3a1bb004ea69c7fe47fc3c20f226 USING @0]\n[Native code: 1210]\n[Native message: Incorrect arguments to EXECUTE]
I set logging on the mysql server so I can see the queries:
881 Query PREPARE mdb2_statement_mysql_376246a0926cc143cbfdb0ba329f81b5ec9c93fc7 FROM 'UPDATE email_boxes SET pass=encrypt(\"?\") WHERE id=( SELECT box_id AS id FROM email_addresses WHERE local_part=\"\'test\'\" AND domain=\"\'google.com\'\" )'
881 Prepare UPDATE email_boxes SET pass=encrypt("?") WHERE id=( SELECT box_id AS id FROM email_addresses WHERE local_part="'test'" AND domain="'google.com'" )
110829 12:36:54 881 Query SET @0 = 'newpassword'
110829 12:37:01 881 Query EXECUTE mdb2_statement_mysql_376246a0926cc143cbfdb0ba329f81b5ec9c93fc7 USING @0
Ok, so I log into mysql command line as roundcube and re-create those above commands. The last one fails with this:
ERROR 1210 (HY000): Incorrect arguments to EXECUTE
I modify my db dsn in roundcube/plugins/password/config.inc.php to use mysqli instead of mysql and then try updating the password via roundcube and I get this error in my apache log:
PHP Warning: mysqli_stmt_bind_param(): Number of variables doesn't match number of parameters in prepared statement in /usr/local/www/roundcube/program/lib/MDB2/Driver/mysqli.php on line 1757, referer: http://google.com/email/?_task=settings&_action=plugin.password
MDB2 Error: unknown error (-1): _execute: [Error message: Unable to bind parameters]\n[Last executed query: UPDATE email_boxes SET pass=encrypt("?") WHERE id=( SELECT box_id AS id FROM email_addresses WHERE local_part="'test'" AND domain="'google.com'" )]\n[Native code: 0]\n, referer: http://google.com/email/?_task=settings&_action=plugin.password
Before I spend hours tearing apart the PHP code, I am hoping that I am simply overlooking something basic and a more experienced roundcube user may be able to shed some light on what's happening.
Thank you for any help anyone can provide
Remove quotes from the password_query.
wow, i'm pretty embarrassed i made that mistake ... thank you