Change password postfix+courier+mysql

[Dexterp37]

Ouch, try this one, which is .txt but the other one works fine for me :| (WinZip) Please note that you may need to change the query to suit your database, in save_prefs.inc.

I also wrote a short tutorial to help adding this mod to your roundcube installation which can be found here.

[speedyboy]

I have a problem with the password, unfortunately for me ENCRYPT not works.

And md5 is not works.

In my database the password is ENCRYPT Function, unfortunately when I modify it the roundcube , that password is not going though already.

Thank You

And sorry about my bad english

[speedyboy]

error log

[24-Mar-2008 20:02:01] PHP Fatal error: Call to undefined function ENCRYPT()

[Dexterp37]

It looks like you have no ENCRYPT function in your sources. Are you sure there's such a function in your code? What are you using to store passwords?

[speedyboy]

program\steps\settings\save_prefs.inc
// Password MOD
password' => isset($_POST['_password']) ? TRUE : FALSE,
// End Password MOD


 // Password MOD
if (isset($_POST['_password']))
{
$tmpEncPass = ENCRYPT($_POST['_password'], "");
 
 mysql_query("UPDATE CCC.TableWithPasswordHERE SET password = '".$tmpEncPass."' WHERE username = '".$_SESSION['username']."'")
or die(mysql_error());
 
$_SESSION['password'] = encrypt_passwd($_POST['_password']);
}
 // End Password MOD


program\steps\settings\func.inc

 // Password MOD
$field_id = 'rcmfd_password';
$input_password = new textfield(array('name' => '_password', 'id' => $field_id, 'size' => 20));
$out .= sprintf("%s%s (empty = unchanged)\n",
$field_id,
rep_specialchars_output(rcube_label('password')),
$input_password->show();
// End Password MOD

[Dexterp37]

You have to change this line:

Code Select Expand

$tmpEncPass = ENCRYPT($_POST['_password'], "");
In order to match the encryption you use to store your passwords in your database. If your passwords are stored as md5 hashes, you could use php native md5 function referenced here in PHP manual.

Don't forget the query as well to suit your database structure.

[speedyboy]

Thanks for the idea, Dexterp37

[LaPanthere]

for native DES crypt you need to change the crypt like :
 
$tmpEncPass = crypt($_POST['_password'],'xx');

regards

[Martin2008]

I just applied this mod to 0.1stable, and it works flawlessly. I've attached the patch to this post. Let me know if it works, that's my first patch!

Hello,

I really like this plugin and I am not really a coder but I was wondering where do I get the specific info on the following:

1. YourEncryptionFunctionHERE
2. UPDATE CCC.TableWithPasswordHERE SET

I apologize for my ignorance on this matter. Thanks.

Martin

[Dexterp37]

Since you also left a comment on my blog, I also replied there

[acadia]

So, I'm new to roundcube, quick question, does a plugin already exist for mysql,exim,courier mail to change password (virtual user setup), or do I have to write my own? Basically, how would you do changepassword with roundcube given mysql,exim,courier mail virtual user setup? What I'm reading here are people are writing some bits of their own code, is this standard fair?

[Dexterp37]

Yes, sort of. AFAIK, there's no intention to bring change password functionality in roundcube because of the very different behavior each backend software has. The code I posted works directly on the underlying database to write password in it. You should be able to use it as well, if exim stores passwords in a database.

[speedyboy]

Hello boys

And Thanks for the ideas

How it would be possible to rewrite this md5 to native DES crypt (ENCRYPT) whit this script.

function rcmail_save_passwd($curpassword, $newpassword){
   global $DB, $CONFIG, $OUTPUT;
      
   $DB->query('select password from postfix.mailbox where username=\''.$_SESSION['username'].'\'');
   $row = $DB->fetch_assoc();
   $actualCryptedPassword = md5($curpassword);
   
   if ($actualCryptedPassword != $row['password'])
      return false;
   else {//ok, we can proceed
      $DB->query('update postfix.mailbox set password=\''.md5($newpassword).'\',modified=NOW() where username=\''.$_SESSION['username'].'\'');
      if (!$DB->is_error()) {
         $_SESSION['password'] = encrypt_passwd($newpassword); //save the new password in the session
        return true;
      } else
        return false;
      
   }
}

http://blog.julienwadin.be/index.php/2007/05/26/72-modification-du-password-email-dans-roundcube
-----------------------------------------------

Thank You

[CPECAH]

it looks like there is some change in the code - because in the
program\steps\settings\func.inc
i can not find where to put the password box.
can you help ?

program\steps\settings\save_prefs.inc
// Password MOD
password' => isset($_POST['_password']) ? TRUE : FALSE,
// End Password MOD


 // Password MOD
if (isset($_POST['_password']))
{
$tmpEncPass = ENCRYPT($_POST['_password'], "");
 
 mysql_query("UPDATE CCC.TableWithPasswordHERE SET password = '".$tmpEncPass."' WHERE username = '".$_SESSION['username']."'")
or die(mysql_error());
 
$_SESSION['password'] = encrypt_passwd($_POST['_password']);
}
 // End Password MOD


program\steps\settings\func.inc

 // Password MOD
$field_id = 'rcmfd_password';
$input_password = new textfield(array('name' => '_password', 'id' => $field_id, 'size' => 20));
$out .= sprintf("%s%s (empty = unchanged)\n",
$field_id,
rep_specialchars_output(rcube_label('password')),
$input_password->show();
// End Password MOD

[lion_kg]

I am using roundcube 0.2.1 too and cannot find where to put the change password section in settings. I mean the part that should go into program\steps\settings\func.inc.  Has anyone applied this patch on stable version?