Esempio n. 1
 /**
  * Initialise session bookkeeping and register the save handlers that
  * match the configured 'session_storage' backend.
  *
  * @param object $db     Database object; its table_name() is used for the DB backend
  * @param object $config Configuration object, read through get()
  */
 public function __construct($db, $config)
 {
     $this->db      = $db;
     $this->start   = microtime(true);
     $this->ip      = rcube_utils::remote_addr();
     $this->logging = $config->get('log_session', false);

     // the configured session_lifetime is multiplied by 60 before it is applied
     $this->set_lifetime($config->get('session_lifetime', 1) * 60);

     $this->storage = $config->get('session_storage', 'db');

     if ($this->storage == 'memcache') {
         $this->memcache = rcube::get_instance()->get_memcache();

         if (!$this->memcache) {
             // no memcache object could be obtained, so no handlers are registered
             rcube::raise_error(array('code' => 604, 'type' => 'db', 'line' => __LINE__, 'file' => __FILE__, 'message' => "Failed to connect to memcached. Please check configuration"), true, true);
         } else {
             // memcache-backed read/write/destroy callbacks
             ini_set('session.serialize_handler', 'php');
             session_set_save_handler(
                 array($this, 'open'),
                 array($this, 'close'),
                 array($this, 'mc_read'),
                 array($this, 'mc_write'),
                 array($this, 'mc_destroy'),
                 array($this, 'gc')
             );
         }
     } elseif ($this->storage != 'php') {
         // every storage value other than 'memcache' and 'php' uses the database callbacks
         ini_set('session.serialize_handler', 'php');
         session_set_save_handler(
             array($this, 'open'),
             array($this, 'close'),
             array($this, 'db_read'),
             array($this, 'db_write'),
             array($this, 'db_destroy'),
             array($this, 'gc')
         );
         $this->table_name = $this->db->table_name('session', true);
     }
     // storage 'php': no custom handlers are registered by this constructor
 }
Esempio n. 2
 /**
  * Driver initialization/configuration.
  *
  * Reports an error when the running PHP is older than 5.3.0 and then sets
  * the backtick as the opening and closing quote character for SQL identifiers.
  */
 protected function init()
 {
     $php_too_old = version_compare(PHP_VERSION, '5.3.0') < 0;

     if ($php_too_old) {
         rcube::raise_error(
             array(
                 'code'    => 600,
                 'type'    => 'db',
                 'line'    => __LINE__,
                 'file'    => __FILE__,
                 'message' => "MySQL driver requires PHP >= 5.3, current version is " . PHP_VERSION,
             ),
             true,
             true
         );
     }

     // SQL identifiers quoting
     foreach (array('identifier_start', 'identifier_end') as $option) {
         $this->options[$option] = '`';
     }
 }
Esempio n. 3
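 /**
  * Pass the hook arguments through the driver's render_page() function.
  *
  * The driver file is executed as PHP code by include_once.
  * NOTE(review): $this->driver is assigned outside this method; confirm it
  * can only come from trusted configuration and never from request data.
  *
  * @param mixed $args Hook arguments
  *
  * @return mixed Value returned by render_page(), or $args unchanged when
  *               the driver is unreadable or does not define render_page()
  */
 function render($args)
 {
     if (is_readable($this->driver)) {
         include_once $this->driver;
     }

     if (!function_exists('render_page')) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "ThreeCol plugin: Broken driver: {$this->driver}"), true, false);

         // the error above is raised with a false last argument and execution
         // continues, so stop here instead of calling an undefined function
         return $args;
     }

     return render_page($args);
 }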
Esempio n. 4
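 /**
  * Change the session user's password through the chgvirtualminpasswd helper.
  *
  * The domain is derived from the login name according to the
  * 'password_virtualmin_format' option; when that yields nothing, the
  * domain part reported by the user object is used instead.
  *
  * Every value placed on the command line is quoted with escapeshellarg().
  * escapeshellcmd() only escapes shell metacharacters and does not quote, so
  * a value containing whitespace would be split into several arguments and a
  * value starting with a dash could be read as an option by the helper.
  *
  * NOTE(review): the new password is still passed as a command-line
  * argument; on many systems other local users can read process arguments.
  * Avoiding that needs a helper that accepts the password on stdin.
  *
  * @param string $currpass Current password (not used by this driver)
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS when the helper exits with 0, PASSWORD_ERROR otherwise
  */
 function save($currpass, $newpass)
 {
     $rcmail   = rcmail::get_instance();
     $format   = $rcmail->config->get('password_virtualmin_format', 0);
     $username = $_SESSION['username'];
     $domain   = '';

     switch ($format) {
         case 1:
             // username%domain
             $domain = substr((string) strrchr($username, "%"), 1);
             break;
         case 2:
             // username.domain (could be bogus)
             $pieces = explode(".", $username);
             // fewer than two pieces cannot form a domain; leave it to the fallback below
             if (count($pieces) >= 2) {
                 $domain = $pieces[count($pieces) - 2] . "." . end($pieces);
             }
             break;
         case 3:
             // domain.username (could be bogus)
             $pieces = explode(".", $username);
             if (count($pieces) >= 2) {
                 $domain = $pieces[0] . "." . $pieces[1];
             }
             break;
         case 4:
             // username-domain
             $domain = substr((string) strrchr($username, "-"), 1);
             break;
         case 5:
             // domain-username
             $domain = str_replace((string) strrchr($username, "-"), "", $username);
             break;
         case 6:
             // username_domain
             $domain = substr((string) strrchr($username, "_"), 1);
             break;
         case 7:
             // domain_username
             $pieces = explode("_", $username);
             $domain = $pieces[0];
             break;
         default:
             // username@domain
             $domain = substr((string) strrchr($username, "@"), 1);
     }

     if (!$domain) {
         $domain = $rcmail->user->get_username('domain');
     }

     $curdir = RCUBE_PLUGINS_DIR . 'password/helpers';
     $cmd    = sprintf(
         '%s/chgvirtualminpasswd modify-user --domain %s --user %s --pass %s',
         $curdir,
         escapeshellarg((string) $domain),
         escapeshellarg((string) $username),
         escapeshellarg((string) $newpass)
     );

     exec($cmd, $output, $returnvalue);

     if ($returnvalue == 0) {
         return PASSWORD_SUCCESS;
     }

     // the message names only the helper path, never the arguments
     rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$curdir}/chgvirtualminpasswd"), true, false);

     return PASSWORD_ERROR;
 }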
Esempio n. 5
 /**
  * Object constructor
  *
  * Reports an error on PHP older than 5.3.0, delegates to the parent
  * constructor and sets the backtick as SQL identifier quote character.
  *
  * @param string $db_dsnw DSN for read/write operations
  * @param string $db_dsnr Optional DSN for read only operations
  * @param bool   $pconn   Enables persistent connections
  */
 public function __construct($db_dsnw, $db_dsnr = '', $pconn = false)
 {
     $php_too_old = version_compare(PHP_VERSION, '5.3.0') < 0;

     if ($php_too_old) {
         rcube::raise_error(
             array(
                 'code'    => 600,
                 'type'    => 'db',
                 'line'    => __LINE__,
                 'file'    => __FILE__,
                 'message' => "MySQL driver requires PHP >= 5.3, current version is " . PHP_VERSION,
             ),
             true,
             true
         );
     }

     parent::__construct($db_dsnw, $db_dsnr, $pconn);

     // SQL identifiers quoting
     foreach (array('identifier_start', 'identifier_end') as $option) {
         $this->options[$option] = '`';
     }
 }
Esempio n. 6
 /**
  * Constructor
  *
  * Reads the spellcheck engine and its ignore/dictionary options from the
  * application configuration and reports an error when the 'pspell' engine
  * is selected without the pspell extension being loaded.
  *
  * @param string $lang Language code; an empty value falls back to 'en'
  */
 function __construct($lang = 'en')
 {
     $this->rc     = rcube::get_instance();
     $this->engine = $this->rc->config->get('spellcheck_engine', 'googie');
     $this->lang   = $lang ?: 'en';

     $wants_pspell = $this->engine == 'pspell';

     if ($wants_pspell && !extension_loaded('pspell')) {
         rcube::raise_error(
             array(
                 'code'    => 500,
                 'type'    => 'php',
                 'file'    => __FILE__,
                 'line'    => __LINE__,
                 'message' => "Pspell extension not available",
             ),
             true,
             true
         );
     }

     // each option is stored under its name without the 'spellcheck_' prefix
     $options = array();
     foreach (array('ignore_syms', 'ignore_nums', 'ignore_caps', 'dictionary') as $name) {
         $options[$name] = $this->rc->config->get('spellcheck_' . $name);
     }

     $this->options = $options;
 }
 /**
  * Obtain the memcache object from the application instance and register
  * the session handler; an error is raised when no memcache object is available.
  *
  * @param Object $config Configuration object; 'memcache_debug' is read from it
  */
 public function __construct($config)
 {
     parent::__construct($config);

     $this->memcache = rcube::get_instance()->get_memcache();
     $this->debug    = $config->get('memcache_debug');

     if (!$this->memcache) {
         $failure = array(
             'code'    => 604,
             'type'    => 'db',
             'line'    => __LINE__,
             'file'    => __FILE__,
             'message' => "Failed to connect to memcached. Please check configuration",
         );

         rcube::raise_error($failure, true, true);
     }

     // register sessions handler
     $this->register_session_handler();
 }
Esempio n. 8
 /**
  * Move the sender of each message between the whitelist_from and
  * blacklist_from preferences of the current user.
  *
  * For spam, the sender's whitelist_from row is deleted and a blacklist_from
  * row is inserted unless one already exists; for non-spam the two
  * preference names are swapped. Table and column names come from
  * configuration and are interpolated into the SQL text, while the user id,
  * preference name and sender address are bound as query parameters.
  *
  * @param array $uids Message UIDs
  * @param bool  $spam True to blacklist the senders, false to whitelist them
  *
  * @return bool|null False when the extra config file exists but cannot be loaded
  */
 private function _do_list($uids, $spam)
 {
     $rcmail = rcube::get_instance();
     $cfg    = $rcmail->config;

     // NOTE(review): these options are read before the optional config file
     // further down is loaded - confirm that ordering is intended
     $this->sa_user             = $cfg->get('sauserprefs_userid', "%u");
     $this->sa_table            = $cfg->get('sauserprefs_sql_table_name');
     $this->sa_username_field   = $cfg->get('sauserprefs_sql_username_field');
     $this->sa_preference_field = $cfg->get('sauserprefs_sql_preference_field');
     $this->sa_value_field      = $cfg->get('sauserprefs_sql_value_field');

     $identity_arr = $rcmail->user->get_identity();

     // placeholders are substituted one after another, in this order
     $this->sa_user = str_replace(
         array('%u', '%l', '%d', '%i'),
         array(
             $_SESSION['username'],
             $rcmail->user->get_username('local'),
             $rcmail->user->get_username('domain'),
             $identity_arr['email'],
         ),
         $this->sa_user
     );

     $extra_config = $cfg->get('markasjunk2_sauserprefs_config');
     if (is_file($extra_config) && !$cfg->load_from_file($cfg->get('markasjunk2_sauserprefs_config'))) {
         rcube::raise_error(array('code' => 527, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to load config from " . $cfg->get('markasjunk2_sauserprefs_config')), true, false);
         return false;
     }

     $db = rcube_db::factory(
         $cfg->get('sauserprefs_db_dsnw'),
         $cfg->get('sauserprefs_db_dsnr'),
         $cfg->get('sauserprefs_db_persistent')
     );
     $db->set_debug((bool) $cfg->get('sql_debug'));
     $db->db_connect('w');

     // check DB connections and exit on failure
     if ($err_str = $db->is_error()) {
         rcube::raise_error(array('code' => 603, 'type' => 'db', 'message' => $err_str), false, true);
     }

     // the three statements share one WHERE clause
     $where      = "`{$this->sa_username_field}` = ? AND `{$this->sa_preference_field}` = ? AND `{$this->sa_value_field}` = ?;";
     $delete_sql = "DELETE FROM `{$this->sa_table}` WHERE " . $where;
     $select_sql = "SELECT `value` FROM `{$this->sa_table}` WHERE " . $where;
     $insert_sql = "INSERT INTO `{$this->sa_table}` (`{$this->sa_username_field}`, `{$this->sa_preference_field}`, `{$this->sa_value_field}`) VALUES (?, ?, ?);";

     // preference to clear, preference to set, and the word used in the debug log
     $clear = $spam ? 'whitelist_from' : 'blacklist_from';
     $set   = $spam ? 'blacklist_from' : 'whitelist_from';
     $verb  = $spam ? ' blacklist ' : ' whitelist ';

     foreach ($uids as $uid) {
         $message = new rcube_message($uid);
         $email   = $message->sender['mailto'];

         // delete any opposite listing for this address
         $db->query($delete_sql, $this->sa_user, $clear, $email);

         // check address is not already listed
         $sql_result = $db->query($select_sql, $this->sa_user, $set, $email);
         if ($db->fetch_array($sql_result)) {
             continue;
         }

         $db->query($insert_sql, $this->sa_user, $set, $email);

         if ($cfg->get('markasjunk2_debug')) {
             rcube::write_log('markasjunk2', $this->sa_user . $verb . $email);
         }
     }
 }
Esempio n. 9
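 /**
  * Change the session user's password through the configured LDAP ppolicy helper.
  *
  * The helper named by 'password_ldap_ppolicy_cmd' is started from
  * plugins/password/helpers/ and receives all parameters, including the bind
  * password and both user passwords, on its standard input, one per line.
  * Nothing secret is placed on the command line or in the debug output.
  * The helper's stderr is appended to password_ldap_ppolicy.err in the log directory.
  *
  * NOTE(review): the values are written line by line, so a value containing
  * a line break would shift the fields the helper reads - confirm the
  * helper or the caller rejects such input.
  *
  * @param string $currpass Current password
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS, PASSWORD_IN_HISTORY, PASSWORD_CONNECT_ERROR
  *               or PASSWORD_ERROR, depending on the helper's output
  */
 public function save($currpass, $newpass)
 {
     $rcmail = rcmail::get_instance();
     $this->debug = $rcmail->config->get('ldap_debug');
     $cmd = $rcmail->config->get('password_ldap_ppolicy_cmd');
     $uri = $rcmail->config->get('password_ldap_ppolicy_uri');
     $baseDN = $rcmail->config->get('password_ldap_ppolicy_basedn');
     $filter = $rcmail->config->get('password_ldap_ppolicy_search_filter');
     $bindDN = $rcmail->config->get('password_ldap_ppolicy_searchDN');
     $bindPW = $rcmail->config->get('password_ldap_ppolicy_searchPW');
     $cafile = $rcmail->config->get('password_ldap_ppolicy_cafile');
     $log_dir = $rcmail->config->get('log_dir');
     if (empty($log_dir)) {
         $log_dir = RCUBE_INSTALL_PATH . 'logs';
     }
     // try to open specific log file for writing
     $logfile = $log_dir . '/password_ldap_ppolicy.err';
     $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("file", $logfile, "a"));
     $cmd = 'plugins/password/helpers/' . $cmd;
     $this->_debug("parameters:\ncmd:{$cmd}\nuri:{$uri}\nbaseDN:{$baseDN}\nfilter:{$filter}");
     $process = proc_open($cmd, $descriptorspec, $pipes);

     if (!is_resource($process)) {
         // without this branch the method would fall off the end and return null
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$cmd}"), true, false);
         return PASSWORD_ERROR;
     }

     // $pipes now looks like this:
     // 0 => writeable handle connected to child stdin
     // 1 => readable handle connected to child stdout
     // Any error output will be appended to $logfile
     $lines = array($uri, $baseDN, $filter, $bindDN, $bindPW, $_SESSION['username'], $currpass, $newpass);
     foreach ($lines as $line) {
         fwrite($pipes[0], $line . "\n");
     }
     // the CA file is the last field and is written without a trailing newline
     fwrite($pipes[0], $cafile);
     fclose($pipes[0]);

     $result = stream_get_contents($pipes[1]);
     fclose($pipes[1]);

     // release the process handle once both pipes are closed
     proc_close($process);

     $this->_debug('Result:' . $result);

     switch ($result) {
         case "OK":
             return PASSWORD_SUCCESS;
         case "Password is in history of old passwords":
             return PASSWORD_IN_HISTORY;
         case "Cannot connect to any server":
             return PASSWORD_CONNECT_ERROR;
         default:
             rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => $result), true, false);
     }

     return PASSWORD_ERROR;
 }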
Esempio n. 10
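 /**
  * Add the skin's script and stylesheet, then pass the hook arguments
  * through the driver's render_page() function when the driver is readable.
  *
  * The driver file is executed as PHP code by include_once.
  * NOTE(review): $this->driver is assigned outside this method; confirm it
  * can only come from trusted configuration and never from request data.
  *
  * @param mixed $args Hook arguments
  *
  * @return mixed Value returned by render_page(), or $args unchanged when
  *               the driver is unreadable or does not define render_page()
  */
 function render($args)
 {
     $this->include_script($this->local_skin_path() . '/threecol.js');
     $this->include_stylesheet($this->local_skin_path() . '/threecol.css');

     if (!is_readable($this->driver)) {
         return $args;
     }

     include_once $this->driver;

     if (!function_exists('render_page')) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "ThreeCol plugin: Broken driver: {$this->driver}"), true, false);

         // the error above is raised with a false last argument and execution
         // continues, so stop here instead of calling an undefined function
         return $args;
     }

     return render_page($args);
 }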
Esempio n. 11
 /**
  * Factory, returns driver-specific instance of the class
  *
  * The class name is "rcube_session_" followed by the 'session_storage'
  * configuration value (default 'db'). An error is raised when no such
  * class exists.
  *
  * @param object $config Configuration object
  *
  * @return Object rcube_session
  */
 public static function factory($config)
 {
     // class name for the configured storage driver
     $driver_class = "rcube_session_" . $config->get('session_storage', 'db');

     if (!class_exists($driver_class)) {
         // no storage found, raise error
         rcube::raise_error(
             array(
                 'code'    => 604,
                 'type'    => 'session',
                 'line'    => __LINE__,
                 'file'    => __FILE__,
                 'message' => "Failed to find session driver. Check session_storage config option",
             ),
             true,
             true
         );

         return;
     }

     return new $driver_class($config);
 }
Esempio n. 12
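 /**
  * Change the session user's password through the chgdbmailusers helper.
  *
  * The user name and the new password are quoted with escapeshellarg()
  * before they are placed on the command line; the password is supplied by
  * the user and must never reach the shell unquoted. The extra arguments
  * from 'password_dbmail_args' are configuration and are appended as given.
  *
  * NOTE(review): the new password is still passed as a command-line
  * argument; on many systems other local users can read process arguments.
  *
  * @param string $currpass Current password (not used by this driver)
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS when the helper exits with 0, PASSWORD_ERROR otherwise
  */
 function save($currpass, $newpass)
 {
     $curdir   = RCUBE_PLUGINS_DIR . 'password/helpers';
     $username = escapeshellarg((string) $_SESSION['username']);
     $password = escapeshellarg((string) $newpass);
     $args     = rcmail::get_instance()->config->get('password_dbmail_args', '');

     exec("{$curdir}/chgdbmailusers -c {$username} -w {$password} {$args}", $output, $returnvalue);

     if ($returnvalue == 0) {
         return PASSWORD_SUCCESS;
     }

     // the message names only the helper path, never the arguments
     rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$curdir}/chgdbmailusers"), true, false);

     return PASSWORD_ERROR;
 }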
Esempio n. 13
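 /**
  * Change the session user's password by writing a "user:password" line to
  * the command configured in 'password_chpasswd_cmd'.
  *
  * The command itself is configuration; only the record is user-derived and
  * it travels over the command's stdin, not over the command line.
  *
  * @param string $currpass Current password (not used by this driver)
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS when the command exits with 0, PASSWORD_ERROR otherwise
  */
 public function save($currpass, $newpass)
 {
     $cmd      = rcmail::get_instance()->config->get('password_chpasswd_cmd');
     $username = $_SESSION['username'];

     // Exactly one newline-terminated record is written below. A line break
     // inside either value would turn it into more than one record, so such
     // input is refused before the command is started.
     if (preg_match('/[\r\n]/', $username . $newpass)) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Line break in user name or password rejected"), true, false);
         return PASSWORD_ERROR;
     }

     $handle = popen($cmd, "w");

     // popen() returns false on failure; writing to false would only hide the real error
     if ($handle === false) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$cmd}"), true, false);
         return PASSWORD_ERROR;
     }

     fwrite($handle, "{$username}:{$newpass}\n");

     if (pclose($handle) == 0) {
         return PASSWORD_SUCCESS;
     }

     rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$cmd}"), true, false);

     return PASSWORD_ERROR;
 }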
Esempio n. 14
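 /**
  * Change the session user's password through the chgsaslpasswd helper.
  *
  * The user name is quoted with escapeshellarg(): escapeshellcmd() only
  * escapes shell metacharacters and does not quote, so a name containing
  * whitespace would be split into several arguments. The new password is
  * written to the helper's stdin and never appears on the command line.
  * The extra arguments from 'password_saslpasswd_args' are configuration
  * and are inserted as given.
  *
  * @param string $currpass Current password (not used by this driver)
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS when the helper exits with 0, PASSWORD_ERROR otherwise
  */
 function save($currpass, $newpass)
 {
     $curdir   = RCUBE_PLUGINS_DIR . 'password/helpers';
     $username = escapeshellarg((string) $_SESSION['username']);
     $args     = rcmail::get_instance()->config->get('password_saslpasswd_args', '');

     $fh = popen("{$curdir}/chgsaslpasswd -p {$args} {$username}", 'w');

     if (!$fh) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$curdir}/chgsaslpasswd"), true, false);
         return PASSWORD_ERROR;
     }

     fwrite($fh, $newpass . "\n");

     // a non-zero exit code is reported to the caller as a plain error
     return pclose($fh) == 0 ? PASSWORD_SUCCESS : PASSWORD_ERROR;
 }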
Esempio n. 15
 /**
  * Configure connection, create database if not exists
  *
  * When the DSN names a database file whose size is zero, the statements in
  * SQL/sqlite.initial.sql are executed on the handle; a failure is stored in
  * db_error / db_error_msg and reported.
  *
  * @param array  $dsn DSN data; the 'database' entry is the file path
  * @param object $dbh Connection handle providing exec() and errorInfo()
  */
 protected function conn_configure($dsn, $dbh)
 {
     // Initialize database structure if file is empty
     if (empty($dsn['database']) || filesize($dsn['database'])) {
         return;
     }

     $schema = file_get_contents(RCUBE_INSTALL_PATH . 'SQL/sqlite.initial.sql');

     if (!strlen($schema)) {
         return;
     }

     $this->debug('INITIALIZE DATABASE');

     if ($dbh->exec($schema) !== false) {
         return;
     }

     // keep driver code and message for the caller, then report
     $info = $dbh->errorInfo();

     $this->db_error     = true;
     $this->db_error_msg = sprintf('[%s] %s', $info[1], $info[2]);

     rcube::raise_error(
         array(
             'code'    => 500,
             'type'    => 'db',
             'line'    => __LINE__,
             'file'    => __FILE__,
             'message' => $this->db_error_msg,
         ),
         true,
         false
     );
 }
Esempio n. 16
 /**
  * Change the session user's password through the PECL PAM functions.
  *
  * The current password is verified with pam_auth() before pam_chpass() is
  * called. Error messages contain the user name and the PAM error text,
  * never a password.
  *
  * @param string $currpass Current password
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS when pam_chpass() succeeds, PASSWORD_ERROR otherwise
  */
 function save($currpass, $newpass)
 {
     $user  = $_SESSION['username'];
     $error = '';

     if (!extension_loaded('pam') && !extension_loaded('pam_auth')) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: PECL-PAM module not loaded"), true, false);
         return PASSWORD_ERROR;
     }

     // pam_auth() fills $error by reference when authentication fails
     $authenticated = pam_auth($user, $currpass, $error, false);

     if (!$authenticated) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: PAM authentication failed for user {$user}: {$error}"), true, false);
         return PASSWORD_ERROR;
     }

     // a failed change is returned as an error without a log entry
     return pam_chpass($user, $currpass, $newpass) ? PASSWORD_SUCCESS : PASSWORD_ERROR;
 }
Esempio n. 17
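 /**
  * Change the session user's password by feeding user name, current
  * password and new password, one per line, to the configured expect script.
  *
  * The command is assembled only from configuration values
  * ('password_expect_bin', 'password_expect_script', 'password_expect_params');
  * user-derived values travel over stdin and never appear on the command line.
  *
  * @param string $currpass Current password
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS when the command exits with 0, PASSWORD_ERROR otherwise
  */
 public function save($currpass, $newpass)
 {
     $rcmail   = rcmail::get_instance();
     $bin      = $rcmail->config->get('password_expect_bin');
     $script   = $rcmail->config->get('password_expect_script');
     $params   = $rcmail->config->get('password_expect_params');
     $username = $_SESSION['username'];
     $cmd      = $bin . ' -f ' . $script . ' -- ' . $params;

     // Three newline-terminated fields are written below. A line break inside
     // any of them would shift the fields the script reads, so such input
     // is refused before the command is started.
     if (preg_match('/[\r\n]/', $username . $currpass . $newpass)) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Line break in user name or password rejected"), true, false);
         return PASSWORD_ERROR;
     }

     $handle = popen($cmd, "w");

     // popen() returns false on failure; writing to false would only hide the real error
     if ($handle === false) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$cmd}"), true, false);
         return PASSWORD_ERROR;
     }

     fwrite($handle, "{$username}\n");
     fwrite($handle, "{$currpass}\n");
     fwrite($handle, "{$newpass}\n");

     if (pclose($handle) == 0) {
         return PASSWORD_SUCCESS;
     }

     rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$cmd}"), true, false);

     return PASSWORD_ERROR;
 }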
Esempio n. 18
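 /**
  * Change the session user's password by submitting a 'setPassword' job to
  * the Gearman server configured in 'password_gearman_host'.
  *
  * The job payload is a JSON object with the user name, the old password
  * and the new password. The job result is decoded as JSON and counts as
  * success when its 'result' member equals 1.
  *
  * NOTE(review): the payload carries both passwords to the Gearman server;
  * confirm that link is protected in the deployment.
  *
  * @param string $currpass Current password
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS on success, PASSWORD_ERROR otherwise
  */
 function save($currpass, $newpass)
 {
     if (!extension_loaded('gearman')) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: PECL Gearman module not loaded"), true, false);
         return PASSWORD_ERROR;
     }

     $rcmail  = rcmail::get_instance();
     $user    = $_SESSION['username'];
     $payload = array('username' => $user, 'oldPassword' => $currpass, 'newPassword' => $newpass);

     $gmc = new GearmanClient();
     $gmc->addServer($rcmail->config->get('password_gearman_host'));

     $result  = $gmc->doNormal('setPassword', json_encode($payload));
     $success = json_decode($result);

     if ($success && $success->result == 1) {
         return PASSWORD_SUCCESS;
     }

     // $error was never assigned before being used in the message below;
     // take the client's last error text so the log entry is meaningful
     $error = $gmc->error();

     rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Gearman authentication failed for user {$user}: {$error}"), true, false);

     return PASSWORD_ERROR;
 }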
 /**
  * Configure connection, create database if not exists
  *
  * Registers PHP callbacks for the SQL functions unix_timestamp() and now()
  * on the handle. When the DSN names a database file whose size is zero,
  * the statements in SQL/sqlite.initial.sql are then executed; a failure is
  * stored in db_error / db_error_msg and reported.
  *
  * @param array  $dsn DSN data; the 'database' entry is the file path
  * @param object $dbh Connection handle
  */
 protected function conn_configure($dsn, $dbh)
 {
     // we emulate via callback some missing functions (SQL name => callback method, argument count)
     $emulated = array(
         'unix_timestamp' => array('sqlite_unix_timestamp', 1),
         'now'            => array('sqlite_now', 0),
     );

     foreach ($emulated as $sql_name => $spec) {
         $dbh->sqliteCreateFunction($sql_name, array('rcube_db_sqlite', $spec[0]), $spec[1]);
     }

     // Initialize database structure if file is empty
     if (empty($dsn['database']) || filesize($dsn['database'])) {
         return;
     }

     $schema = file_get_contents(INSTALL_PATH . 'SQL/sqlite.initial.sql');

     if (!strlen($schema)) {
         return;
     }

     $this->debug('INITIALIZE DATABASE');

     if ($dbh->exec($schema) !== false) {
         return;
     }

     // keep driver code and message for the caller, then report
     $info = $dbh->errorInfo();

     $this->db_error     = true;
     $this->db_error_msg = sprintf('[%s] %s', $info[1], $info[2]);

     rcube::raise_error(
         array(
             'code'    => 500,
             'type'    => 'db',
             'line'    => __LINE__,
             'file'    => __FILE__,
             'message' => $this->db_error_msg,
         ),
         true,
         false
     );
 }
Esempio n. 20
 /**
  * Move the sender of each message between the whitelist_from and
  * blacklist_from preferences of the session user.
  *
  * For spam, the sender's whitelist_from row is deleted and a blacklist_from
  * row is inserted unless one already exists; for non-spam the two
  * preference names are swapped. Table and column names come from
  * configuration and are concatenated into the SQL text unquoted, while the
  * user name, preference name and sender address are bound as query parameters.
  *
  * @param string $uids Comma-separated message UIDs
  * @param bool   $spam True to blacklist the senders, false to whitelist them
  *
  * @return bool|null False when the extra config file exists but cannot be loaded
  */
 private function _do_list($uids, $spam)
 {
     $rcmail = rcube::get_instance();
     $cfg    = $rcmail->config;

     $extra_config = $cfg->get('markasjunk2_sauserprefs_config');
     if (is_file($extra_config) && !$cfg->load_from_file($cfg->get('markasjunk2_sauserprefs_config'))) {
         rcube::raise_error(array('code' => 527, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to load config from " . $cfg->get('markasjunk2_sauserprefs_config')), true, false);
         return false;
     }

     $db = rcube_db::factory(
         $cfg->get('sauserprefs_db_dsnw'),
         $cfg->get('sauserprefs_db_dsnr'),
         $cfg->get('sauserprefs_db_persistent')
     );
     $db->db_connect('w');

     // check DB connections and exit on failure
     if ($err_str = $db->is_error()) {
         rcube::raise_error(array('code' => 603, 'type' => 'db', 'message' => $err_str), false, true);
     }

     // identifiers are configuration values, inserted into the SQL text as given
     $table     = $cfg->get('sauserprefs_sql_table_name');
     $user_col  = $cfg->get('sauserprefs_sql_username_field');
     $pref_col  = $cfg->get('sauserprefs_sql_preference_field');
     $value_col = $cfg->get('sauserprefs_sql_value_field');

     // the three statements share one WHERE clause
     $where      = " WHERE " . $user_col . " = ? AND " . $pref_col . " = ? AND " . $value_col . " = ?;";
     $delete_sql = "DELETE FROM " . $table . $where;
     $select_sql = "SELECT value FROM " . $table . $where;
     $insert_sql = "INSERT INTO " . $table . " (" . $user_col . ", " . $pref_col . ", " . $value_col . ") VALUES (?, ?, ?);";

     // preference to clear, preference to set, and the word used in the debug log
     $clear = $spam ? 'whitelist_from' : 'blacklist_from';
     $set   = $spam ? 'blacklist_from' : 'whitelist_from';
     $verb  = $spam ? ' blacklist ' : ' whitelist ';

     $owner = $_SESSION['username'];

     foreach (explode(",", $uids) as $uid) {
         $message = new rcube_message($uid);
         $email   = $message->sender['mailto'];

         // delete any opposite listing for this address
         $db->query($delete_sql, $owner, $clear, $email);

         // check address is not already listed
         $sql_result = $db->query($select_sql, $owner, $set, $email);
         if ($db->fetch_array($sql_result)) {
             continue;
         }

         $db->query($insert_sql, $owner, $set, $email);

         if ($cfg->get('markasjunk2_debug')) {
             rcube::write_log('markasjunk2', $owner . $verb . $email);
         }
     }
 }
Esempio n. 21
 /**
  * Initialise session bookkeeping and register either the memcache-backed
  * or the database-backed save handlers, depending on 'session_storage'.
  *
  * The client address is taken directly from $_SERVER['REMOTE_ADDR'].
  *
  * @param object $db     Database object
  * @param object $config Configuration object, read through get()
  */
 public function __construct($db, $config)
 {
     $this->db      = $db;
     $this->start   = microtime(true);
     $this->ip      = $_SERVER['REMOTE_ADDR'];
     $this->logging = $config->get('log_session', false);

     // the configured session_lifetime is multiplied by 60 before it is applied
     $this->set_lifetime($config->get('session_lifetime', 1) * 60);

     $use_memcache = $config->get('session_storage', 'db') == 'memcache';

     if (!$use_memcache) {
         // set custom functions for PHP session management
         session_set_save_handler(
             array($this, 'open'),
             array($this, 'close'),
             array($this, 'db_read'),
             array($this, 'db_write'),
             array($this, 'db_destroy'),
             array($this, 'db_gc')
         );

         return;
     }

     $this->memcache = rcube::get_instance()->get_memcache();

     if (!$this->memcache) {
         // no memcache object could be obtained, so no handlers are registered
         rcube::raise_error(array('code' => 604, 'type' => 'db', 'line' => __LINE__, 'file' => __FILE__, 'message' => "Failed to connect to memcached. Please check configuration"), true, true);

         return;
     }

     // set custom functions for PHP session management if memcache is available
     session_set_save_handler(
         array($this, 'open'),
         array($this, 'close'),
         array($this, 'mc_read'),
         array($this, 'mc_write'),
         array($this, 'mc_destroy'),
         array($this, 'gc')
     );
 }
Esempio n. 22
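 /**
  * Change the session user's password with the configured smbpasswd binary.
  *
  * Host, user name and the temporary output file are quoted with
  * escapeshellarg() before they are placed on the command line. The user
  * name was previously wrapped in plain double quotes, inside which the
  * shell still expands substitutions and a double quote in the value ends
  * the quoting. Both passwords are written to the command's stdin and never
  * appear on the command line.
  *
  * @param string $currpass Current password
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS when the last output line reports the change,
  *               PASSWORD_ERROR otherwise
  */
 public function save($currpass, $newpass)
 {
     $config   = rcmail::get_instance()->config;
     $host     = $config->get('password_smb_host', 'localhost');
     $bin      = $config->get('password_smb_cmd', '/usr/bin/smbpasswd');
     $username = $_SESSION['username'];
     $host     = rcube_utils::parse_host($host);
     $tmpfile  = tempnam(sys_get_temp_dir(), 'smb');

     if ($tmpfile === false) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to create temporary file"), true, false);
         return PASSWORD_ERROR;
     }

     $cmd = $bin . ' -r ' . escapeshellarg((string) $host)
         . ' -s -U ' . escapeshellarg((string) $username)
         . ' > ' . escapeshellarg($tmpfile) . ' 2>&1';

     $handle = popen($cmd, 'w');

     // popen() returns false on failure; do not write passwords to a non-handle
     if ($handle === false) {
         unlink($tmpfile);
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$cmd}"), true, false);
         return PASSWORD_ERROR;
     }

     // current password once, new password twice (entry plus confirmation)
     fputs($handle, $currpass . "\n");
     fputs($handle, $newpass . "\n");
     fputs($handle, $newpass . "\n");
     pclose($handle);

     $res = file($tmpfile);
     unlink($tmpfile);

     // file() returns false on failure and an empty array for an empty file
     $last_line = (is_array($res) && count($res) > 0) ? $res[count($res) - 1] : '';

     if (strstr($last_line, 'Password changed for user') !== false) {
         return PASSWORD_SUCCESS;
     }

     rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to execute {$cmd}"), true, false);

     return PASSWORD_ERROR;
 }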
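 /**
  * Connect to the configured Redis server and register the session handler.
  *
  * 'redis_hosts' must be an array with exactly one entry of the form
  * "host[:port[:database[:password]]]"; port defaults to 6379 and database
  * to 0. Every failure is reported through rcube::raise_error().
  *
  * NOTE(review): the password is part of the host string in configuration;
  * none of the error messages below include the host string.
  *
  * @param Object $config Configuration object
  */
 public function __construct($config)
 {
     parent::__construct($config);

     // `new Redis()` never evaluates to false, so the missing-extension case
     // has to be detected before the class is instantiated
     if (!class_exists('Redis')) {
         rcube::raise_error(array('code' => 604, 'type' => 'session', 'line' => __LINE__, 'file' => __FILE__, 'message' => "Failed to find Redis. Make sure php-redis is included"), true, true);
         return;
     }

     // instantiate Redis object
     $this->redis = new Redis();

     // get config instance
     // presumably $this->config is set by the parent constructor - verify
     $hosts = $this->config->get('redis_hosts', array('localhost'));

     // host config is wrong
     if (!is_array($hosts) || empty($hosts)) {
         rcube::raise_error(array('code' => 604, 'type' => 'session', 'line' => __LINE__, 'file' => __FILE__, 'message' => "Redis host not configured"), true, true);
         return;
     }

     // only allow 1 host for now until we support clustering
     if (count($hosts) > 1) {
         rcube::raise_error(array('code' => 604, 'type' => 'session', 'line' => __LINE__, 'file' => __FILE__, 'message' => "Redis cluster not yet supported"), true, true);
     }

     foreach ($hosts as $host) {
         // explode individual fields; the limit of 4 keeps any ':' inside the password
         list($host, $port, $database, $password) = array_pad(explode(':', $host, 4), 4, null);

         // set default values if not set
         $host     = $host !== null ? $host : '127.0.0.1';
         $port     = $port !== null ? $port : 6379;
         $database = $database !== null ? $database : 0;

         if ($this->redis->connect($host, $port) === false) {
             rcube::raise_error(array('code' => 604, 'type' => 'session', 'line' => __LINE__, 'file' => __FILE__, 'message' => "Could not connect to Redis server. Please check host and port"), true, true);
         }

         if ($password != null && $this->redis->auth($password) === false) {
             rcube::raise_error(array('code' => 604, 'type' => 'session', 'line' => __LINE__, 'file' => __FILE__, 'message' => "Could not authenticate with Redis server. Please check password."), true, true);
         }

         if ($database != 0 && $this->redis->select($database) === false) {
             rcube::raise_error(array('code' => 604, 'type' => 'session', 'line' => __LINE__, 'file' => __FILE__, 'message' => "Could not select Redis database. Please check database setting."), true, true);
         }
     }

     // register sessions handler
     $this->register_session_handler();
 }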
Esempio n. 24
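 /**
  * Prints debug/error info to the log
  *
  * Debug, info and notice messages go to the 'ldap' log when the 'debug'
  * config entry is set. Emergency, alert and critical messages are raised
  * as errors with the last argument true; errors and warnings are stored in
  * $this->error and raised with the last argument false.
  *
  * @param int          $level One of the LOG_* syslog priority constants
  * @param array|string $msg   Message lines (joined with newlines) or a single message
  */
 public function log($level, $msg)
 {
     // accept a plain string as well as a list of lines
     $msg = implode("\n", (array) $msg);

     switch ($level) {
         case LOG_DEBUG:
         case LOG_INFO:
         case LOG_NOTICE:
             if (!empty($this->config['debug'])) {
                 rcube::write_log('ldap', $msg);
             }
             break;

         // PHP defines LOG_EMERG; the previous spelling LOG_EMERGE is not a
         // defined constant and broke this switch for every level listed after it
         case LOG_EMERG:
         case LOG_ALERT:
         case LOG_CRIT:
             rcube::raise_error($msg, true, true);
             break;

         case LOG_ERR:
         case LOG_WARNING:
             $this->error = $msg;
             rcube::raise_error($msg, true, false);
             break;
     }
 }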
Esempio n. 25
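 /**
  * Change the session user's password by sending a 'userpasswd' command to
  * the configured XMail server.
  *
  * The command is one line of tab-separated fields: domain, user and new
  * password. Values containing a tab or a line break would alter the
  * structure of that line, so they are refused before anything is sent.
  *
  * @param string $currpass Current password (not used by this driver)
  * @param string $newpass  New password
  *
  * @return mixed PASSWORD_SUCCESS, PASSWORD_CONNECT_ERROR or PASSWORD_ERROR
  */
 function save($currpass, $newpass)
 {
     $rcmail = rcmail::get_instance();

     // a login name without '@' yields an empty domain instead of an undefined variable
     list($user, $domain) = array_pad(explode('@', $_SESSION['username']), 2, '');

     if (preg_match('/[\t\r\n]/', $user . $domain . $newpass)) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to change password"), true, false);
         return PASSWORD_ERROR;
     }

     $xmail = new XMail();
     $xmail->hostname = $rcmail->config->get('xmail_host');
     $xmail->username = $rcmail->config->get('xmail_user');
     $xmail->password = $rcmail->config->get('xmail_pass');
     $xmail->port     = $rcmail->config->get('xmail_port');

     if (!$xmail->connect()) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to connect to mail server"), true, false);
         return PASSWORD_CONNECT_ERROR;
     }

     $sent = $xmail->send("userpasswd\t" . $domain . "\t" . $user . "\t" . $newpass . "\n");

     // the connection is closed on both outcomes
     $xmail->close();

     if (!$sent) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to change password"), true, false);
         return PASSWORD_ERROR;
     }

     return PASSWORD_SUCCESS;
 }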
Esempio n. 26
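 /**
  * Load the configured password driver and ask it to store the new password.
  *
  * The driver name from 'password_driver' selects both the file
  * drivers/<driver>.php below the plugin directory and the class
  * rcube_<driver>_password. The file is executed as PHP code.
  * NOTE(review): the driver name is used in a file path unchanged; it is
  * read from configuration here - confirm no request data can set it.
  *
  * @param string $curpass Current password
  * @param string $passwd  New password
  *
  * @return string|null Null on success, otherwise a localized error text,
  *                     followed by the driver's own message when it supplied one
  */
 private function _save($curpass, $passwd)
 {
     $config = rcmail::get_instance()->config;
     $driver = $config->get('password_driver', 'sql');
     $class  = "rcube_{$driver}_password";
     $file   = $this->home . "/drivers/{$driver}.php";

     if (!file_exists($file)) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unable to open driver file ({$file})"), true, false);
         return $this->gettext('internalerror');
     }

     include_once $file;

     if (!class_exists($class, false) || !method_exists($class, 'save')) {
         rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Broken driver {$driver}"), true, false);
         return $this->gettext('internalerror');
     }

     $object = new $class();
     $result = $object->save($curpass, $passwd);

     // drivers return either a bare code or array('code' => ..., 'message' => ...);
     // $message was previously read below without ever being set in the first case
     $message = null;

     if (is_array($result)) {
         $message = isset($result['message']) ? $result['message'] : null;
         $result  = $result['code'];
     }

     switch ($result) {
         case PASSWORD_SUCCESS:
             return;
         case PASSWORD_CRYPT_ERROR:
             $reason = $this->gettext('crypterror');
             break;
         case PASSWORD_CONNECT_ERROR:
             $reason = $this->gettext('connecterror');
             break;
         case PASSWORD_ERROR:
         default:
             $reason = $this->gettext('internalerror');
     }

     if ($message) {
         $reason .= ' ' . $message;
     }

     return $reason;
 }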
Esempio n. 27
 /**
  * Generate missing attributes as configured
  *
  * For each entry of $this->prop['autovalues'] whose attribute is empty in
  * $attrs, a value is built from the entry's template: {name} placeholders
  * are replaced with the first value of the attribute of that name, and any
  * placeholder left over is removed. A template containing '(' is compiled
  * and executed as a PHP expression instead of being used as plain text.
  *
  * @param array LDAP record attributes (passed by reference, modified in place)
  */
 protected function add_autovalues(&$attrs)
 {
     // Nothing configured: leave the record untouched
     if (empty($this->prop['autovalues'])) {
         return;
     }
     // Map '{attr}' => first value of that attribute, used as the strtr() table
     $attrvals = array();
     foreach ($attrs as $k => $v) {
         $attrvals['{' . $k . '}'] = is_array($v) ? $v[0] : $v;
     }
     foreach ((array) $this->prop['autovalues'] as $lf => $templ) {
         // Only fill attributes that have no value yet
         if (empty($attrs[$lf])) {
             if (strpos($templ, '(') !== false) {
                 // replace {attr} placeholders with (escaped!) attribute values to be safely eval'd
                 // NOTE(review): record values end up inside code that is executed.
                 // addslashes() is a string-literal escape (quotes, backslash, NUL), not a
                 // code sanitizer, so it only helps where the template puts the placeholder
                 // inside a quoted literal; presumably templates are written that way -
                 // confirm, or evaluate these expressions without compiling PHP code.
                 // The placeholder-stripping regex runs on the substituted string, so it
                 // also removes any "{word}" sequence that came from an attribute value.
                 $code = preg_replace('/\\{\\w+\\}/', '', strtr($templ, array_map('addslashes', $attrvals)));
                 // create_function() builds a function from a code string, like eval();
                 // it was deprecated in PHP 7.2 and removed in PHP 8.0
                 $fn = create_function('', "return ({$code});");
                 if (!$fn) {
                     // The expression did not compile: log it and skip this attribute
                     rcube::raise_error(array('code' => 505, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Expression parse error on: ({$code})"), true, false);
                     continue;
                 }
                 $attrs[$lf] = $fn();
             } else {
                 // replace {attr} placeholders with concrete attribute values
                 $attrs[$lf] = preg_replace('/\\{\\w+\\}/', '', strtr($templ, $attrvals));
             }
         }
     }
 }
Esempio n. 28
0
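 /**
  * Register this plugin to be responsible for a specific task
  *
  * @param string $task Task name (only characters [a-z0-9_-] are allowed)
  * @param string $owner Plugin name that registers this action
  *
  * @return bool True when the task was registered (or in framework mode),
  *              false when the name is invalid or already taken
  */
 public function register_task($task, $owner)
 {
     // tasks are irrelevant in framework mode
     if (!class_exists('rcmail', false)) {
         return true;
     }

     // A name is valid only if asciiwords() leaves it unchanged.
     // NOTE(review): the docblock and this message disagree on whether '.' is
     // allowed; confirm against asciiwords() before relying on either.
     if ($task != asciiwords($task, true)) {
         rcube::raise_error(array('code' => 526, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Invalid task name: {$task}." . " Only characters [a-z0-9_.-] are allowed"), true, false);
         return false;
     }

     // A task can have only one owner
     if (in_array($task, rcmail::$main_tasks)) {
         rcube::raise_error(array('code' => 526, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Cannot register task {$task};" . " already taken by another plugin or the application itself"), true, false);
         return false;
     }

     $this->tasks[$task] = $owner;
     rcmail::$main_tasks[] = $task;
     return true;
 }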
Esempio n. 29
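 /**
  * Change the current user's password by running the configured SQL query.
  *
  * Placeholders of the 'password_query' option handled here:
  *   %c        crypt() hash of the new password
  *   %D        output of the dovecotpw command for the new password
  *   %n / %q   hash of the new / current password ('password_hash_algorithm')
  *   %p / %o   new / current password, passed as bound query parameters
  *   %l %d %u %h  local part, domain, full username, IMAP host
  *
  * NOTE(review): the defaults used when nothing is configured (MD5/DES crypt,
  * unsalted sha1 for %n/%q) are weak by current standards; they are kept
  * because the stored format has to match what the mail backend verifies.
  *
  * @param string $curpass Current password
  * @param string $passwd  New password
  *
  * @return int PASSWORD_SUCCESS, PASSWORD_CRYPT_ERROR or PASSWORD_ERROR
  */
 function save($curpass, $passwd)
 {
     $rcmail = rcmail::get_instance();
     if (!($sql = $rcmail->config->get('password_query'))) {
         $sql = 'SELECT update_passwd(%c, %u)';
     }
     if ($dsn = $rcmail->config->get('password_db_dsn')) {
         // #1486067: enable new_link option
         if (is_array($dsn) && empty($dsn['new_link'])) {
             $dsn['new_link'] = true;
         } elseif (!is_array($dsn) && !preg_match('/\\?new_link=true/', $dsn)) {
             $dsn .= '?new_link=true';
         }
         $db = rcube_db::factory($dsn, '', false);
         $db->set_debug((bool) $rcmail->config->get('sql_debug'));
         $db->db_connect('w');
     } else {
         $db = $rcmail->get_dbh();
     }
     if ($db->is_error()) {
         return PASSWORD_ERROR;
     }

     // crypted password
     if (strpos($sql, '%c') !== false) {
         $salt = '';
         // Stays empty for DES, which takes the bare two-character salt
         $salt_hashindicator = '';
         if (!($crypt_hash = $rcmail->config->get('password_crypt_hash'))) {
             if (CRYPT_MD5) {
                 $crypt_hash = 'md5';
             } elseif (CRYPT_STD_DES) {
                 $crypt_hash = 'des';
             }
         }
         switch ($crypt_hash) {
             case 'md5':
                 $len = 8;
                 $salt_hashindicator = '$1$';
                 break;
             case 'des':
                 $len = 2;
                 break;
             case 'blowfish':
                 $cost = (int) $rcmail->config->get('password_blowfish_cost');
                 $cost = $cost < 4 || $cost > 31 ? 12 : $cost;
                 $len = 22;
                 $salt_hashindicator = sprintf('$2a$%02d$', $cost);
                 break;
             case 'sha256':
                 $len = 16;
                 $salt_hashindicator = '$5$';
                 break;
             case 'sha512':
                 $len = 16;
                 $salt_hashindicator = '$6$';
                 break;
             default:
                 return PASSWORD_CRYPT_ERROR;
         }
         //Restrict the character set used as salt (#1488136)
         $seedchars = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
         // Draw the salt from the CSPRNG where the runtime has one (PHP >= 7);
         // mt_rand() is only the fallback for older runtimes
         $secure_rng = function_exists('random_int');
         for ($i = 0; $i < $len; $i++) {
             $salt .= $seedchars[$secure_rng ? random_int(0, 63) : mt_rand(0, 63)];
         }
         $crypted = crypt($passwd, $salt_hashindicator ? $salt_hashindicator . $salt . '$' : $salt);
         // On failure crypt() returns a short marker string ("*0"/"*1"); never
         // store that as if it were a password hash
         if (!is_string($crypted) || strlen($crypted) < 13) {
             return PASSWORD_CRYPT_ERROR;
         }
         $sql = str_replace('%c', $db->quote($crypted), $sql);
     }

     // dovecotpw
     if (strpos($sql, '%D') !== false) {
         if (!($dovecotpw = $rcmail->config->get('password_dovecotpw'))) {
             $dovecotpw = 'dovecotpw';
         }
         if (!($method = $rcmail->config->get('password_dovecotpw_method'))) {
             $method = 'CRAM-MD5';
         }
         // use common temp dir
         $tmp_dir = $rcmail->config->get('temp_dir');
         $tmpfile = tempnam($tmp_dir, 'roundcube-');
         if ($tmpfile === false) {
             return PASSWORD_CRYPT_ERROR;
         }
         // $dovecotpw is used as-is as the command prefix (presumably it may be
         // a whole command line); the values appended here are shell-quoted
         $pipe = popen($dovecotpw . ' -s ' . escapeshellarg($method) . ' > ' . escapeshellarg($tmpfile), "w");
         if (!$pipe) {
             unlink($tmpfile);
             return PASSWORD_CRYPT_ERROR;
         }
         // The password is written twice (entry and confirmation)
         fwrite($pipe, $passwd . "\n", 1 + strlen($passwd));
         usleep(1000);
         fwrite($pipe, $passwd . "\n", 1 + strlen($passwd));
         pclose($pipe);
         $newpass = trim((string) file_get_contents($tmpfile), "\n");
         // Remove the temp file on every path, so a rejected result does not
         // leave the generated hash behind in the temp directory
         unlink($tmpfile);
         // The method name is data, not a pattern: quote it before matching
         if (!preg_match('/^\\{' . preg_quote($method, '/') . '\\}/', $newpass)) {
             return PASSWORD_CRYPT_ERROR;
         }
         if (!$rcmail->config->get('password_dovecotpw_with_method')) {
             $newpass = trim(str_replace('{' . $method . '}', '', $newpass));
         }
         $sql = str_replace('%D', $db->quote($newpass), $sql);
     }

     // hashed passwords
     if (preg_match('/%[nq]/', $sql)) {
         if (!extension_loaded('hash')) {
             rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: 'hash' extension not loaded!"), true, false);
             return PASSWORD_ERROR;
         }
         if (!($hash_algo = strtolower($rcmail->config->get('password_hash_algorithm')))) {
             $hash_algo = 'sha1';
         }
         // An unknown algorithm would make hash() fail; stop before a bogus
         // value can be written as the password
         if (!in_array($hash_algo, hash_algos(), true)) {
             rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unsupported hash algorithm"), true, false);
             return PASSWORD_ERROR;
         }
         $hash_passwd = hash($hash_algo, $passwd);
         $hash_curpass = hash($hash_algo, $curpass);
         if ($rcmail->config->get('password_hash_base64')) {
             $hash_passwd = base64_encode(pack('H*', $hash_passwd));
             $hash_curpass = base64_encode(pack('H*', $hash_curpass));
         }
         $sql = str_replace('%n', $db->quote($hash_passwd, 'text'), $sql);
         $sql = str_replace('%q', $db->quote($hash_curpass, 'text'), $sql);
     }

     // Handle clear text passwords securely (#1487034)
     // Each %p / %o becomes a '?' and its value is bound in the same order
     $sql_vars = array();
     if (preg_match_all('/%[po]/', $sql, $m)) {
         foreach ($m[0] as $var) {
             if ($var === '%p') {
                 $sql = preg_replace('/%p/', '?', $sql, 1);
                 $sql_vars[] = (string) $passwd;
             } else {
                 // %o
                 $sql = preg_replace('/%o/', '?', $sql, 1);
                 $sql_vars[] = (string) $curpass;
             }
         }
     }

     $local_part = $rcmail->user->get_username('local');
     $domain_part = $rcmail->user->get_username('domain');
     $username = $_SESSION['username'];
     $host = $_SESSION['imap_host'];
     // convert domains to/from punnycode
     if ($rcmail->config->get('password_idn_ascii')) {
         $domain_part = rcube_utils::idn_to_ascii($domain_part);
         $username = rcube_utils::idn_to_ascii($username);
         $host = rcube_utils::idn_to_ascii($host);
     } else {
         $domain_part = rcube_utils::idn_to_utf8($domain_part);
         $username = rcube_utils::idn_to_utf8($username);
         $host = rcube_utils::idn_to_utf8($host);
     }

     // at least we should always have the local part
     // One strtr() pass: already-substituted text is not scanned again, so a
     // value that itself contains "%d", "%u" or "%h" cannot have a second
     // quoted value spliced into the middle of its quoted literal
     $sql = strtr($sql, array(
         '%l' => $db->quote($local_part, 'text'),
         '%d' => $db->quote($domain_part, 'text'),
         '%u' => $db->quote($username, 'text'),
         '%h' => $db->quote($host, 'text'),
     ));

     $res = $db->query($sql, $sql_vars);
     if (!$db->is_error()) {
         if (strtolower(substr(trim($sql), 0, 6)) == 'select') {
             if ($db->fetch_array($res)) {
                 return PASSWORD_SUCCESS;
             }
         } else {
             // This is the good case: 1 row updated
             if ($db->affected_rows($res) == 1) {
                 return PASSWORD_SUCCESS;
             }
             // @TODO: Some queries don't affect any rows
             // Should we assume a success if there was no error?
         }
     }
     return PASSWORD_ERROR;
 }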
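 /**
  * Update database schema
  *
  * Applies, in ascending numeric order, every "<number>.sql" file found in
  * "$dir/<db provider>" whose number is greater than the current schema
  * version. Only file names consisting of digits plus ".sql" are considered.
  *
  * @param string $dir     Directory with sql files
  * @param string $package Component name
  * @param string $ver     Optional current version number
  * @param array  $opts    Parameters (errors, quiet)
  *
  * @return bool True on success, False on failure
  */
 public static function db_update($dir, $package, $ver = null, $opts = array())
 {
     // Missing options default to off instead of raising undefined-index notices
     $opts = (array) $opts + array('errors' => false, 'quiet' => false);
     $version = null;

     // Check if directory exists
     if (!file_exists($dir)) {
         if ($opts['errors']) {
             rcube::raise_error("Specified database schema directory doesn't exist.", false, true);
         }
         return false;
     }
     $db = self::db();

     // Read DB schema version from database (if 'system' table exists)
     if (in_array($db->table_name('system'), (array) $db->list_tables())) {
         $db->query("SELECT `value`" . " FROM " . $db->table_name('system', true) . " WHERE `name` = ?", $package . '-version');
         $row = $db->fetch_array();
         if ($row) {
             // Keep digits only
             $version = preg_replace('/[^0-9]/', '', $row[0]);
         }
     }

     // DB version not found, but release version is specified
     if (!$version && $ver) {
         // Map old release version string to DB schema version
         // Note: This is for backward compat. only, do not need to be updated
         $map = array('0.1-stable' => 1, '0.1.1' => 2008030300, '0.2-alpha' => 2008040500, '0.2-beta' => 2008060900, '0.2-stable' => 2008092100, '0.2.1' => 2008092100, '0.2.2' => 2008092100, '0.3-stable' => 2008092100, '0.3.1' => 2009090400, '0.4-beta' => 2009103100, '0.4' => 2010042300, '0.4.1' => 2010042300, '0.4.2' => 2010042300, '0.5-beta' => 2010100600, '0.5' => 2010100600, '0.5.1' => 2010100600, '0.5.2' => 2010100600, '0.5.3' => 2010100600, '0.5.4' => 2010100600, '0.6-beta' => 2011011200, '0.6' => 2011011200, '0.7-beta' => 2011092800, '0.7' => 2011111600, '0.7.1' => 2011111600, '0.7.2' => 2011111600, '0.7.3' => 2011111600, '0.7.4' => 2011111600, '0.8-beta' => 2011121400, '0.8-rc' => 2011121400, '0.8.0' => 2011121400, '0.8.1' => 2011121400, '0.8.2' => 2011121400, '0.8.3' => 2011121400, '0.8.4' => 2011121400, '0.8.5' => 2011121400, '0.8.6' => 2011121400, '0.9-beta' => 2012080700);
         // An unknown release string falls through to the default below
         $version = isset($map[$ver]) ? $map[$ver] : null;
     }

     // Assume last version before the 'system' table was added
     if (empty($version)) {
         $version = 2012080700;
     }

     $dir .= '/' . $db->db_provider;
     if (!file_exists($dir)) {
         if ($opts['errors']) {
             rcube::raise_error("DDL Upgrade files for " . $db->db_provider . " driver not found.", false, true);
         }
         return false;
     }

     $dh = opendir($dir);
     if (!$dh) {
         if ($opts['errors']) {
             rcube::raise_error("Unable to read DDL Upgrade files for " . $db->db_provider . " driver.", false, true);
         }
         return false;
     }

     // Collect the versions newer than the current one
     $result = array();
     // Compare against false so an entry named "0" does not end the listing
     while (($file = readdir($dh)) !== false) {
         if (preg_match('/^([0-9]+)\\.sql$/', $file, $m) && $m[1] > $version) {
             $result[] = $m[1];
         }
     }
     closedir($dh);
     sort($result, SORT_NUMERIC);

     // Apply them oldest first and stop at the first failure
     foreach ($result as $v) {
         if (!$opts['quiet']) {
             echo "Updating database schema ({$v})... ";
         }
         $error = self::db_update_schema($package, $v, "{$dir}/{$v}.sql");
         if ($error) {
             if (!$opts['quiet']) {
                 echo "[FAILED]\n";
             }
             if ($opts['errors']) {
                 rcube::raise_error("Error in DDL upgrade {$v}: {$error}", false, true);
             }
             return false;
         }
         if (!$opts['quiet']) {
             echo "[OK]\n";
         }
     }
     return true;
 }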