コード例 #1
ファイル: sql.php プロジェクト: freedomson/roundcube-forward
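/**
 * Write one forwarding record using the SQL template from the config.
 *
 * The statement is read from the 'forward_sql_write' option; its %address,
 * %goto and %modified placeholders are filled with the matching $data
 * entries after each has been passed through $db->quote().
 *
 * @param array $data Record to store; the keys 'address', 'goto' and 'modified' are read
 *
 * @return mixed PLUGIN_SUCCESS, PLUGIN_ERROR_CONNECT or PLUGIN_ERROR_PROCESS
 */
function mail_forward_write(array &$data)
{
    $rcmail = rcmail::get_instance();

    if ($dsn = $rcmail->config->get('forward_sql_dsn')) {
        // Make sure the new_link option is set, for both the array and the string form of the DSN.
        if (is_array($dsn) && empty($dsn['new_link'])) {
            $dsn['new_link'] = true;
        } elseif (!is_array($dsn) && !preg_match('/\\?new_link=true/', $dsn)) {
            $dsn .= '?new_link=true';
        }
        $db = rcube_db::factory($dsn, '', FALSE);
        $db->set_debug((bool) $rcmail->config->get('sql_debug'));
        $db->db_connect('w');
    } else {
        // No dedicated DSN configured: use the application's own handle.
        $db = $rcmail->get_dbh();
    }

    if ($db->is_error()) {
        return PLUGIN_ERROR_CONNECT;
    }

    // strtr() substitutes in a single pass and never re-scans text it has
    // just inserted. The previous array form of str_replace() worked
    // placeholder by placeholder, so an address containing the text "%goto"
    // had the quoted goto value spliced into the middle of its own quoted
    // literal, which breaks the quoting of the statement.
    $query = strtr((string) $rcmail->config->get('forward_sql_write'), array(
        '%address'  => $db->quote($data['address']),
        '%goto'     => $db->quote($data['goto']),
        '%modified' => $db->quote($data['modified']),
    ));

    $db->query($query);
    if ($db->is_error()) {
        return PLUGIN_ERROR_PROCESS;
    }

    return PLUGIN_SUCCESS;
}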
コード例 #2
ファイル: sql.php プロジェクト: elurofilico/i-MSCP-plugins
/**
 * i-MSCP - internet Multi Server Control Panel
 * Copyright (C) 2010-2011 by i-MSCP team
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 * @category	iMSCP
 * @package	 iMSCP Roundcube password changer
 * @copyright   2010-2011 by i-MSCP team
 * @author 		Sascha Bay
 * @link		http://www.i-mscp.net i-MSCP Home Site
 * @license	 http://www.gnu.org/licenses/gpl-2.0.html GPL v2
 */
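/**
 * Store a new password for the logged-in user in the `mail_users` table.
 *
 * The row is selected by $_SESSION['username']; both values are passed
 * through $db->quote() before they are placed into the statement.
 *
 * NOTE(review): $passwd is written exactly as received; nothing in this
 * function hashes it. Confirm whether `mail_pass` is meant to hold the
 * cleartext value.
 *
 * @param string $passwd New password
 *
 * @return mixed PASSWORD_SUCCESS when exactly one row was updated, otherwise PASSWORD_ERROR
 */
function password_save($passwd)
{
    $rcmail = rcmail::get_instance();

    $dsn = $rcmail->config->get('password_db_dsn');
    if (!$dsn) {
        // Without 'password_db_dsn' no handle was ever created and the
        // is_error() call below ran on an undefined variable. Report a
        // normal failure instead of a fatal error.
        return PASSWORD_ERROR;
    }

    // #1486067: enable new_link option
    if (is_array($dsn) && empty($dsn['new_link'])) {
        $dsn['new_link'] = true;
    } elseif (!is_array($dsn) && !preg_match('/\\?new_link=true/', $dsn)) {
        $dsn .= '?new_link=true';
    }

    $db = rcube_db::factory($dsn, '', false);
    $db->set_debug((bool) $rcmail->config->get('sql_debug'));
    $db->db_connect('w');

    if ($db->is_error()) {
        return PASSWORD_ERROR;
    }

    // Single-pass substitution: with two chained str_replace() calls a user
    // name containing "%p" had the quoted password inserted inside its own
    // quoted literal, which breaks the quoting of the statement.
    $sql = strtr(
        "UPDATE `mail_users` SET `mail_pass` = %p WHERE `mail_addr` = %u LIMIT 1",
        array(
            '%u' => $db->quote($_SESSION['username'], 'text'),
            '%p' => $db->quote($passwd, 'text'),
        )
    );

    $res = $db->query($sql);

    // This is the good case: 1 row updated
    if (!$db->is_error() && $db->affected_rows($res) == 1) {
        return PASSWORD_SUCCESS;
    }

    return PASSWORD_ERROR;
}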
コード例 #3
 /**
  * Create the database handle from $this->config['db_dsn'] and connect it.
  *
  * @param string $mode Mode passed through to db_connect() (presumably 'r' or 'w'; confirm against callers)
  */
 private function _db_connect($mode)
 {
     $handle = rcube_db::factory($this->config['db_dsn'], '', false);
     $this->db = $handle;
     $handle->db_connect($mode);

     // A non-empty is_error() result is handed to raise_error() together
     // with the flags FALSE, TRUE; per the original comment this exits.
     $failure = $handle->is_error();
     if ($failure) {
         raise_error(array('code' => 603, 'type' => 'db', 'message' => $failure), FALSE, TRUE);
     }
 }
コード例 #4
ファイル: sa_blacklist.php プロジェクト: nciftci/plugins
 /**
  * Put the senders of the given messages on the user's SpamAssassin
  * blacklist ($spam truthy) or whitelist ($spam falsy).
  *
  * For each message the opposite list entry is deleted first, then the new
  * entry is inserted unless a matching row already exists. Values reach the
  * database as bound parameters; table and column names are taken from the
  * sauserprefs_* config options and interpolated into the statements.
  *
  * NOTE(review): the sauserprefs_* options are read before the file named
  * by 'markasjunk2_sauserprefs_config' is loaded. Confirm they are already
  * available at that point.
  *
  * @param array $uids Message UIDs; each is loaded through rcube_message
  * @param mixed $spam Truthy to blacklist, falsy to whitelist
  *
  * @return false|null false when the extra config file fails to load
  */
 private function _do_list($uids, $spam)
 {
     $rcmail = rcube::get_instance();
     $cfg = $rcmail->config;

     $this->sa_user = $cfg->get('sauserprefs_userid', "%u");
     $this->sa_table = $cfg->get('sauserprefs_sql_table_name');
     $this->sa_username_field = $cfg->get('sauserprefs_sql_username_field');
     $this->sa_preference_field = $cfg->get('sauserprefs_sql_preference_field');
     $this->sa_value_field = $cfg->get('sauserprefs_sql_value_field');

     $identity_arr = $rcmail->user->get_identity();

     // Expand the user id template one placeholder after the other, in the
     // same order as before (%u, %l, %d, %i).
     $expansions = array(
         '%u' => $_SESSION['username'],
         '%l' => $rcmail->user->get_username('local'),
         '%d' => $rcmail->user->get_username('domain'),
         '%i' => $identity_arr['email'],
     );
     foreach ($expansions as $token => $value) {
         $this->sa_user = str_replace($token, $value, $this->sa_user);
     }

     $has_extra_config = is_file($cfg->get('markasjunk2_sauserprefs_config'));
     if ($has_extra_config && !$cfg->load_from_file($cfg->get('markasjunk2_sauserprefs_config'))) {
         rcube::raise_error(array('code' => 527, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to load config from " . $cfg->get('markasjunk2_sauserprefs_config')), true, false);
         return false;
     }

     $db = rcube_db::factory($cfg->get('sauserprefs_db_dsnw'), $cfg->get('sauserprefs_db_dsnr'), $cfg->get('sauserprefs_db_persistent'));
     $db->set_debug((bool) $cfg->get('sql_debug'));
     $db->db_connect('w');

     // check DB connections and exit on failure
     $err_str = $db->is_error();
     if ($err_str) {
         rcube::raise_error(array('code' => 603, 'type' => 'db', 'message' => $err_str), FALSE, TRUE);
     }

     // Both directions run the same three statements; only the preference
     // names and the log wording differ.
     $remove_pref = $spam ? 'whitelist_from' : 'blacklist_from';
     $add_pref = $spam ? 'blacklist_from' : 'whitelist_from';
     $log_verb = $spam ? ' blacklist ' : ' whitelist ';

     foreach ($uids as $uid) {
         $message = new rcube_message($uid);
         // Sender address as parsed from the message; it is only ever bound as a parameter.
         $email = $message->sender['mailto'];

         // delete any entry on the opposite list for this address
         $db->query("DELETE FROM `{$this->sa_table}` WHERE `{$this->sa_username_field}` = ? AND `{$this->sa_preference_field}` = ? AND `{$this->sa_value_field}` = ?;", $this->sa_user, $remove_pref, $email);

         // check address is not already on the target list
         $existing = $db->query("SELECT `value` FROM `{$this->sa_table}` WHERE `{$this->sa_username_field}` = ? AND `{$this->sa_preference_field}` = ? AND `{$this->sa_value_field}` = ?;", $this->sa_user, $add_pref, $email);
         if ($db->fetch_array($existing)) {
             continue;
         }

         $db->query("INSERT INTO `{$this->sa_table}` (`{$this->sa_username_field}`, `{$this->sa_preference_field}`, `{$this->sa_value_field}`) VALUES (?, ?, ?);", $this->sa_user, $add_pref, $email);
         if ($cfg->get('markasjunk2_debug')) {
             rcube::write_log('markasjunk2', $this->sa_user . $log_verb . $email);
         }
     }
 }
コード例 #5
 /**
  * Initialize database object and connect
  *
  * @return rcube_db Database instance
  */
 public static function db()
 {
     // Reuse the handle cached in self::$db by an earlier call.
     if (self::$db !== null) {
         return self::$db;
     }

     $rc = rcube::get_instance();
     $handle = rcube_db::factory($rc->config->get('db_dsnw'));
     $handle->set_debug((bool) $rc->config->get('sql_debug'));

     // Connect in 'w' mode and report a failed connection through
     // raise_error(), passing false, true as the remaining arguments.
     $handle->db_connect('w');
     if (!$handle->is_connected()) {
         rcube::raise_error("Error connecting to database: " . $handle->is_error(), false, true);
     }

     self::$db = $handle;

     return self::$db;
 }
コード例 #6
ファイル: database_driver.php プロジェクト: Takika/amacube
 /**
  * Create the database handle on first use and (re)connect it in 'w' mode.
  *
  * @return bool true when is_error() reports nothing after connecting; false
  *              after recording 'db_connect_error' and logging the message
  */
 private function init_db()
 {
     if (!$this->db_conn) {
         // rcube_db is used when that class exists, rcube_mdb2 otherwise
         // (the original comments tie this to Roundcube 0.9).
         if (class_exists('rcube_db')) {
             $this->db_conn = rcube_db::factory($this->db_config, '', true);
         } else {
             $this->db_conn = new rcube_mdb2($this->db_config, '', true);
         }
     }

     $this->db_conn->db_connect('w');

     $error = $this->db_conn->is_error();
     if (!$error) {
         return true;
     }

     // Error check
     $this->rc->amacube->errors[] = 'db_connect_error';
     write_log('errors', 'AMACUBE: Database connect error: ' . $error);

     return false;
 }
コード例 #7
 /**
  * Put the senders of the given messages on the user's SpamAssassin
  * blacklist ($spam truthy) or whitelist ($spam falsy).
  *
  * The entry on the opposite list is deleted first; the new entry is
  * inserted only when no matching row exists. User name, preference name
  * and sender address are bound as parameters; table and column names are
  * concatenated from the sauserprefs_* config options.
  *
  * @param string $uids Comma-separated message UIDs
  * @param mixed  $spam Truthy to blacklist, falsy to whitelist
  *
  * @return false|null false when the extra config file fails to load
  */
 private function _do_list($uids, $spam)
 {
     $rcmail = rcube::get_instance();
     $cfg = $rcmail->config;

     $has_extra_config = is_file($cfg->get('markasjunk2_sauserprefs_config'));
     if ($has_extra_config && !$cfg->load_from_file($cfg->get('markasjunk2_sauserprefs_config'))) {
         rcube::raise_error(array('code' => 527, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to load config from " . $cfg->get('markasjunk2_sauserprefs_config')), true, false);
         return false;
     }

     $db = rcube_db::factory($cfg->get('sauserprefs_db_dsnw'), $cfg->get('sauserprefs_db_dsnr'), $cfg->get('sauserprefs_db_persistent'));
     $db->db_connect('w');

     // check DB connections and exit on failure
     $err_str = $db->is_error();
     if ($err_str) {
         rcube::raise_error(array('code' => 603, 'type' => 'db', 'message' => $err_str), FALSE, TRUE);
     }

     // Both directions run the same three statements; only the preference
     // names and the log wording differ.
     $remove_pref = $spam ? 'whitelist_from' : 'blacklist_from';
     $add_pref = $spam ? 'blacklist_from' : 'whitelist_from';
     $log_verb = $spam ? ' blacklist ' : ' whitelist ';

     foreach (explode(",", $uids) as $uid) {
         $message = new rcube_message($uid);
         // Sender address as parsed from the message; it is only ever bound as a parameter.
         $email = $message->sender['mailto'];

         // delete any entry on the opposite list for this address
         $db->query("DELETE FROM " . $cfg->get('sauserprefs_sql_table_name') . " WHERE " . $cfg->get('sauserprefs_sql_username_field') . " = ? AND " . $cfg->get('sauserprefs_sql_preference_field') . " = ? AND " . $cfg->get('sauserprefs_sql_value_field') . " = ?;", $_SESSION['username'], $remove_pref, $email);

         // check address is not already on the target list
         $existing = $db->query("SELECT value FROM " . $cfg->get('sauserprefs_sql_table_name') . " WHERE " . $cfg->get('sauserprefs_sql_username_field') . " = ? AND " . $cfg->get('sauserprefs_sql_preference_field') . " = ? AND " . $cfg->get('sauserprefs_sql_value_field') . " = ?;", $_SESSION['username'], $add_pref, $email);
         if ($db->fetch_array($existing)) {
             continue;
         }

         $db->query("INSERT INTO " . $cfg->get('sauserprefs_sql_table_name') . " (" . $cfg->get('sauserprefs_sql_username_field') . ", " . $cfg->get('sauserprefs_sql_preference_field') . ", " . $cfg->get('sauserprefs_sql_value_field') . ") VALUES (?, ?, ?);", $_SESSION['username'], $add_pref, $email);
         if ($cfg->get('markasjunk2_debug')) {
             rcube::write_log('markasjunk2', $_SESSION['username'] . $log_verb . $email);
         }
     }
 }
コード例 #8
ファイル: hmsfromrc.php プロジェクト: hazarkarabay/hmsfromrc
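 /**
  * Build a DSN from the 'hmailserver_server_for_hmsrc' config entry and
  * return a handle connected in 'w' mode.
  *
  * The config entry is read as an array with the keys Protocol, Username,
  * Password, Server and Database.
  *
  * @return rcube_db Handle returned by rcube_db::factory(); connection
  *                  errors are not checked here, callers should test is_error()
  */
 function getHmsDb()
 {
     $dbConf = $this->rc->config->get('hmailserver_server_for_hmsrc');

     // Percent-encode the credentials before placing them in the URL-style
     // DSN. Concatenated raw, a ':' in the user name or a '%xx' sequence in
     // the password is read as DSN syntax and the wrong credentials are
     // sent. This assumes the config holds the raw (unencoded) values and
     // that rcube_db percent-decodes the user and password parts; confirm
     // against the installed Roundcube version.
     $user = rawurlencode((string) $dbConf['Username']);
     $pass = rawurlencode((string) $dbConf['Password']);

     // The assembled DSN contains the password: keep it out of logs and error output.
     $dsn = $dbConf['Protocol'] . "://" . $user . ":" . $pass . "@" . $dbConf['Server'] . "/" . $dbConf["Database"];

     $db = rcube_db::factory($dsn, "", false);
     $db->db_connect('w');

     return $db;
 }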
コード例 #9
 /**
  * Create the database handle on first use and connect it.
  *
  * @param string $mode Mode passed through to db_connect() (presumably 'r' or 'w'; confirm against callers)
  */
 private function _db_connect($mode)
 {
     // The handle is built once from the stored DSNs and then reused.
     if (!$this->db) {
         $this->db = rcube_db::factory($this->db_dsnw, $this->db_dsnr, $this->db_persistent);
     }

     $handle = $this->db;
     $handle->db_connect($mode);

     // check DB connections and exit on failure
     $failure = $handle->is_error();
     if ($failure) {
         raise_error(array('code' => 603, 'type' => 'db', 'message' => $failure), false, true);
     }
 }
コード例 #10
 /**
  * Record the senders of the given messages in the `wblist` table as
  * blacklisted ($spam truthy, value 'b') or whitelisted ($spam falsy,
  * value 'w') for the current user.
  *
  * The user is looked up in `users` by $rcmail->user->data['username'];
  * each sender is looked up in `mailaddr` and inserted there when missing.
  * All values are passed to the database as bound parameters.
  *
  * @param array $uids Message UIDs; each is loaded through rcube_message
  * @param mixed $spam Truthy to blacklist, falsy to whitelist
  *
  * @return false|null false when a lookup or write fails; nothing otherwise
  */
 private function _do_list($uids, $spam)
 {
     $rcmail = rcmail::get_instance();
     $cfg = $rcmail->config;
     $this->user_email = $rcmail->user->data['username'];

     $has_extra_config = is_file($cfg->get('markasjunk2_amacube_config'));
     if ($has_extra_config && !$cfg->load_from_file($cfg->get('markasjunk2_amacube_config'))) {
         rcube::raise_error(array('code' => 527, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to load config from " . $cfg->get('markasjunk2_amacube_config')), true, false);
         return false;
     }

     $db = rcube_db::factory($cfg->get('amacube_db_dsn'), '', TRUE);
     $db->set_debug((bool) $cfg->get('sql_debug'));
     $db->db_connect('w');

     // check DB connections and exit on failure
     $err_str = $db->is_error();
     if ($err_str) {
         rcube::raise_error(array('code' => 603, 'type' => 'db', 'message' => $err_str), FALSE, TRUE);
     }

     // Recipient id: the row of the current user.
     $user_lookup = $db->query("SELECT `id` FROM `users` WHERE `email` = ?", $this->user_email);
     $user_row = $user_lookup ? $db->fetch_assoc($user_lookup) : false;
     if (!$user_row) {
         if ($cfg->get('markasjunk2_debug')) {
             rcube::write_log('markasjunk2', $this->user_email . ' not found in users table');
         }
         return false;
     }
     $rid = $user_row['id'];

     foreach ($uids as $uid) {
         $message = new rcube_message($uid);
         $email = $message->sender['mailto'];

         // Sender id: reuse the existing `mailaddr` row or create one.
         $sender_lookup = $db->query("SELECT `id` FROM `mailaddr` WHERE `email` = ? ORDER BY `priority` DESC", $email);
         $sender_row = $sender_lookup ? $db->fetch_assoc($sender_lookup) : false;
         if ($sender_row) {
             $sid = $sender_row['id'];
         } else {
             if ($cfg->get('markasjunk2_debug')) {
                 rcube::write_log('markasjunk2', $email . ' not found in mailaddr table - add it');
             }
             $inserted = $db->query("INSERT INTO `mailaddr` ( `priority`, `email` ) VALUES ( 20, ? )", $email);
             if (!$inserted) {
                 if ($cfg->get('markasjunk2_debug')) {
                     rcube::write_log('markasjunk2', 'Cannot add ' . $email . ' to mailaddr table: ' . $db->is_error($inserted));
                 }
                 return false;
             }
             $sid = $db->insert_id();
         }

         // Current list entry for this sender/recipient pair, '' when there is none.
         $wb = '';
         $wb_lookup = $db->query("SELECT `wb` FROM `wblist` WHERE `sid` = ? AND `rid` =?", $sid, $rid);
         if ($wb_lookup && ($wb_row = $db->fetch_assoc($wb_lookup))) {
             $wb = $wb_row['wb'];
         }

         // A write is needed when there is no entry yet, or when the stored
         // flag belongs to the opposite list (B/N/F when whitelisting,
         // W/Y/T when blacklisting).
         $needs_write = !$wb
             || (!$spam && preg_match('/^([BbNnFf])[ ]*\\z/', $wb))
             || ($spam && preg_match('/^([WwYyTt])[ ]*\\z/', $wb));
         if (!$needs_write) {
             continue;
         }

         $newwb = $spam ? 'b' : 'w';
         if ($wb) {
             $written = $db->query('UPDATE `wblist` SET `wb` = ? WHERE `sid` = ? AND `rid` = ?', $newwb, $sid, $rid);
         } else {
             $written = $db->query('INSERT INTO `wblist` (`sid`, `rid`, `wb`) VALUES (?,?,?)', $sid, $rid, $newwb);
         }

         if (!$written) {
             if ($cfg->get('markasjunk2_debug')) {
                 rcube::write_log('markasjunk2', 'Cannot update wblist for user ' . $this->user_email . ' with ' . $email);
             }
             return false;
         }
     }
 }
コード例 #11
 /**
  * Initialize database handler
  */
 function get_dbh()
 {
     // Handle already set up by an earlier call.
     if ($this->db) {
         return $this->db;
     }

     $dsn = $this->app->config->get('virtuser_query_dsn');
     if (!$dsn) {
         // No dedicated DSN configured: share the application's handle.
         $this->db = $this->app->get_dbh();
         return $this->db;
     }

     // connect to the virtuser database in read mode
     $this->db = rcube_db::factory($dsn);
     $this->db->set_debug((bool) $this->app->config->get('sql_debug'));
     $this->db->db_connect('r');

     return $this->db;
 }
コード例 #12
ファイル: rcube.php プロジェクト: neynah/roundcubemail
 /**
  * Get the current database connection
  *
  * @return rcube_db Database object
  */
 public function get_dbh()
 {
     // Handle already created by an earlier call.
     if ($this->db) {
         return $this->db;
     }

     // Built from the write DSN, the read DSN and the persistence flag.
     // No db_connect() call is made here.
     $cfg = $this->config;
     $this->db = rcube_db::factory($cfg->get('db_dsnw'), $cfg->get('db_dsnr'), $cfg->get('db_persistent'));
     $this->db->set_debug((bool) $cfg->get('sql_debug'));

     return $this->db;
 }
コード例 #13
ファイル: rcube.php プロジェクト: zamentur/roundcube_ynh
 /**
  * Get the current database connection
  *
  * @return rcube_db Database object
  */
 public function get_dbh()
 {
     // Handle already created by an earlier call.
     if ($this->db) {
         return $this->db;
     }

     // All options are read from one snapshot of the configuration array.
     // No db_connect() call is made here.
     $options = $this->config->all();
     $this->db = rcube_db::factory($options['db_dsnw'], $options['db_dsnr'], $options['db_persistent']);
     $this->db->set_debug((bool) $options['sql_debug']);

     return $this->db;
 }
コード例 #14
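 /**
  * Save the autoresponder settings of a user and update the related alias.
  *
  * The statement template is $this->sql_update; its %s, %m, %d, %f, %o and
  * %u placeholders receive the subject, body, date, start date, enabled
  * flag and user. Afterwards addtoalias()/removefromalias() are called for
  * the user and for the "<local>#<domain>@<vac_domain>" address.
  *
  * @param string $user     User address, expected in local@domain form
  * @param mixed  $enabled  Truthy to add the vacation alias, falsy to remove it
  * @param string $subject  Autoresponder subject
  * @param string $body     Autoresponder body
  * @param string $date     Date value, or an SQL keyword (see the note in the body)
  * @param string $datefrom Start date value, or an SQL keyword (see the note in the body)
  *
  * @return mixed The database error, the 'errorsaving' text when the alias
  *               call fails, or nothing on success
  */
 private function _save($user, $enabled, $subject, $body, $date, $datefrom)
 {
     $cfg = rcmail::get_instance()->config;

     if ($dsn = $cfg->get('db_pfadmin_autoresponder_dsn')) {
         $db = rcube_db::factory($dsn, '', false);
         //  $db->set_debug((bool)$rcmail->config->get('sql_debug'));
         $db->db_connect('w');
     } else {
         die("FATAL ERROR ::: RoundCube Plugin ::: pfadmin_autoresponder ::: \$rcmail_config['db_pfadmin_autoresponder_dsn'] undefined !!! ==> die");
     }

     if ($err = $db->is_error()) {
         return $err;
     }

     // NOTE(review): a date that contains "NULL" or "now" anywhere is placed
     // into the statement unquoted. If $date / $datefrom can carry user
     // input, this is an unescaped path into the SQL. Once the accepted
     // keyword forms are known, replace the test with an exact allow-list.
     $date_sql = preg_match('/NULL|now/', $date) ? $date : $db->quote($date, 'text');
     $datefrom_sql = preg_match('/NULL|now/', $datefrom) ? $datefrom : $db->quote($datefrom, 'text');

     // strtr() substitutes in a single pass. The previous chain of
     // str_replace() calls re-scanned text it had already inserted, so a
     // subject containing "%m" (or a body containing "%u", ...) had another
     // quoted value spliced into the middle of its quoted literal, breaking
     // the quoting of user-supplied text.
     $sql = strtr((string) $this->sql_update, array(
         '%s' => $db->quote($subject, 'text'),
         '%m' => $db->quote($body, 'text'),
         '%d' => $date_sql,
         '%f' => $datefrom_sql,
         '%o' => $db->quote($enabled, 'text'),
         '%u' => $db->quote($user, 'text'),
     ));
     $db->query($sql);

     $user_arr = preg_split('/@/', $user);
     $user_name = $user_arr[0];
     // A user without '@' previously raised an undefined-offset notice here.
     $domain = isset($user_arr[1]) ? $user_arr[1] : '';

     addtoalias($db, $user, $user);
     // just in case
     $vacation_alias = $user_name . "#" . $domain . "@" . $cfg->get('vac_domain');
     if ($enabled) {
         $result = addtoalias($db, $user, $vacation_alias);
     } else {
         $result = removefromalias($db, $user, $vacation_alias);
     }

     if ($err = $db->is_error()) {
         return $err;
     }

     if (!$result) {
         return $this->gettext('errorsaving');
     }
 }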
コード例 #15
ファイル: test.php プロジェクト: jimjag/roundcubemail
    } else {
        $RCI->fail($dir, 'not writeable for the webserver');
    }
    echo '<br />';
}
if (!$pass) {
    echo '<p class="hint">Use <tt>chmod</tt> or <tt>chown</tt> to grant write privileges to the webserver</p>';
}
?>

<h3>Check DB config</h3>
<?php 
$db_working = false;
if ($RCI->configured) {
    if (!empty($RCI->config['db_dsnw'])) {
        $DB = rcube_db::factory($RCI->config['db_dsnw'], '', false);
        $DB->set_debug((bool) $RCI->config['sql_debug']);
        $DB->db_connect('w');
        if (!($db_error_msg = $DB->is_error())) {
            $RCI->pass('DSN (write)');
            echo '<br />';
            $db_working = true;
        } else {
            $RCI->fail('DSN (write)', $db_error_msg);
            echo '<p class="hint">Make sure that the configured database exists and that the user has write privileges<br />';
            echo 'DSN: ' . $RCI->config['db_dsnw'] . '</p>';
        }
    } else {
        $RCI->fail('DSN (write)', 'not set');
    }
} else {
コード例 #16
 /**
  * Create the database handle on first use, apply the 'sql_debug' setting
  * and connect.
  *
  * @param string $mode Mode passed through to db_connect() (presumably 'r' or 'w'; confirm against callers)
  */
 private function _db_connect($mode)
 {
     // The handle is built once from the stored DSNs and then reused.
     if (!$this->db) {
         $this->db = rcube_db::factory($this->db_dsnw, $this->db_dsnr, $this->db_persistent);
     }

     $handle = $this->db;
     $debug = (bool) rcube::get_instance()->config->get('sql_debug');
     $handle->set_debug($debug);
     $handle->db_connect($mode);

     // check DB connections and exit on failure
     $failure = $handle->is_error();
     if ($failure) {
         rcube::raise_error(array('code' => 603, 'type' => 'db', 'message' => $failure), false, true);
     }
 }
コード例 #17
ファイル: sql.php プロジェクト: JotapePinheiro/roundcubemail
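 /**
  * Change the current user's password through the configured SQL statement.
  *
  * The statement comes from 'password_query' (default: a call to
  * update_passwd()). Hash placeholders (%P, %O, %c, %D, %n, %q) are filled
  * with quoted output of password::hash_password(); the clear-text
  * placeholders %p and %o become bound parameters; %l, %d, %u and %h
  * receive the quoted local part, domain, user name and IMAP host.
  *
  * @param string $curpass Current password
  * @param string $passwd  New password
  *
  * @return mixed PASSWORD_SUCCESS, PASSWORD_CRYPT_ERROR or PASSWORD_ERROR
  */
 function save($curpass, $passwd)
 {
     $rcmail = rcmail::get_instance();

     if (!($sql = $rcmail->config->get('password_query'))) {
         $sql = 'SELECT update_passwd(%c, %u)';
     }

     if ($dsn = $rcmail->config->get('password_db_dsn')) {
         $db = rcube_db::factory($dsn, '', false);
         $db->set_debug((bool) $rcmail->config->get('sql_debug'));
     } else {
         $db = $rcmail->get_dbh();
     }

     if ($db->is_error()) {
         return PASSWORD_ERROR;
     }

     // new password - default hash method
     if (strpos($sql, '%P') !== false) {
         $password = password::hash_password($passwd);
         if ($password === false) {
             return PASSWORD_CRYPT_ERROR;
         }
         $sql = str_replace('%P', $db->quote($password), $sql);
     }

     // old password - default hash method
     if (strpos($sql, '%O') !== false) {
         $password = password::hash_password($curpass);
         if ($password === false) {
             return PASSWORD_CRYPT_ERROR;
         }
         $sql = str_replace('%O', $db->quote($password), $sql);
     }

     // crypted password (deprecated, use %P)
     if (strpos($sql, '%c') !== false) {
         $password = password::hash_password($passwd, 'crypt', false);
         if ($password === false) {
             return PASSWORD_CRYPT_ERROR;
         }
         $sql = str_replace('%c', $db->quote($password), $sql);
     }

     // dovecotpw (deprecated, use %P)
     if (strpos($sql, '%D') !== false) {
         $password = password::hash_password($passwd, 'dovecot', false);
         if ($password === false) {
             return PASSWORD_CRYPT_ERROR;
         }
         $sql = str_replace('%D', $db->quote($password), $sql);
     }

     // hashed passwords (deprecated, use %P)
     if (strpos($sql, '%n') !== false) {
         $password = password::hash_password($passwd, 'hash', false);
         if ($password === false) {
             return PASSWORD_CRYPT_ERROR;
         }
         $sql = str_replace('%n', $db->quote($password, 'text'), $sql);
     }

     // hashed passwords (deprecated, use %P)
     if (strpos($sql, '%q') !== false) {
         $password = password::hash_password($curpass, 'hash', false);
         if ($password === false) {
             return PASSWORD_CRYPT_ERROR;
         }
         $sql = str_replace('%q', $db->quote($password, 'text'), $sql);
     }

     // Handle clear text passwords securely (#1487034): each %p / %o turns
     // into a '?' placeholder, the value travels as a bound parameter.
     // The class is [po]; the former [p|o] also matched a literal "%|" and
     // then queued an extra parameter without any placeholder for it.
     $sql_vars = array();
     if (preg_match_all('/%[po]/', $sql, $m)) {
         foreach ($m[0] as $var) {
             if ($var == '%p') {
                 $sql = preg_replace('/%p/', '?', $sql, 1);
                 $sql_vars[] = (string) $passwd;
             } else {
                 // %o
                 $sql = preg_replace('/%o/', '?', $sql, 1);
                 $sql_vars[] = (string) $curpass;
             }
         }
     }

     $local_part = $rcmail->user->get_username('local');
     $domain_part = $rcmail->user->get_username('domain');
     $username = $_SESSION['username'];
     $host = $_SESSION['imap_host'];

     // convert domains to/from punycode
     if ($rcmail->config->get('password_idn_ascii')) {
         $domain_part = rcube_utils::idn_to_ascii($domain_part);
         $username = rcube_utils::idn_to_ascii($username);
         $host = rcube_utils::idn_to_ascii($host);
     } else {
         $domain_part = rcube_utils::idn_to_utf8($domain_part);
         $username = rcube_utils::idn_to_utf8($username);
         $host = rcube_utils::idn_to_utf8($host);
     }

     // at least we should always have the local part
     // strtr() fills all four placeholders in one pass. Chained
     // str_replace() calls re-scanned inserted text, so a local part
     // containing "%d", "%u" or "%h" had another quoted value spliced into
     // its quoted literal.
     $sql = strtr($sql, array(
         '%l' => $db->quote($local_part, 'text'),
         '%d' => $db->quote($domain_part, 'text'),
         '%u' => $db->quote($username, 'text'),
         '%h' => $db->quote($host, 'text'),
     ));

     $res = $db->query($sql, $sql_vars);

     if (!$db->is_error()) {
         if (strtolower(substr(trim($sql), 0, 6)) == 'select') {
             if ($db->fetch_array($res)) {
                 return PASSWORD_SUCCESS;
             }
         } else {
             // This is the good case: 1 row updated
             if ($db->affected_rows($res) == 1) {
                 return PASSWORD_SUCCESS;
             }
             // @TODO: Some queries don't affect any rows
             // Should we assume a success if there was no error?
         }
     }

     return PASSWORD_ERROR;
 }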
コード例 #18
ファイル: sql.php プロジェクト: bbspike/sentora-core
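 /**
  * Change the current user's password through the configured SQL statement.
  *
  * The statement comes from 'password_query' (default: a call to
  * update_passwd()). Supported placeholders: %c (crypt() hash of the new
  * password), %D (output of the dovecotpw command), %n / %q (hash() of the
  * new / current password), %p / %o (clear-text new / current password,
  * sent as bound parameters), %l, %d, %u, %h (quoted local part, domain,
  * user name and IMAP host).
  *
  * @param string $curpass Current password
  * @param string $passwd  New password
  *
  * @return mixed PASSWORD_SUCCESS, PASSWORD_CRYPT_ERROR or PASSWORD_ERROR
  */
 function save($curpass, $passwd)
 {
     $rcmail = rcmail::get_instance();

     if (!($sql = $rcmail->config->get('password_query'))) {
         $sql = 'SELECT update_passwd(%c, %u)';
     }

     if ($dsn = $rcmail->config->get('password_db_dsn')) {
         // #1486067: enable new_link option
         if (is_array($dsn) && empty($dsn['new_link'])) {
             $dsn['new_link'] = true;
         } elseif (!is_array($dsn) && !preg_match('/\\?new_link=true/', $dsn)) {
             $dsn .= '?new_link=true';
         }
         $db = rcube_db::factory($dsn, '', false);
         $db->set_debug((bool) $rcmail->config->get('sql_debug'));
         $db->db_connect('w');
     } else {
         $db = $rcmail->get_dbh();
     }

     if ($db->is_error()) {
         return PASSWORD_ERROR;
     }

     // crypted password
     if (strpos($sql, '%c') !== FALSE) {
         $salt = '';
         // Initialised here: the 'des' case sets no prefix and the variable
         // was read undefined further down.
         $salt_hashindicator = '';

         // NOTE(review): with 'password_crypt_hash' unset this falls back to
         // MD5-crypt or DES, both weak for password storage. Configuring
         // 'blowfish' or 'sha512' is the stronger choice.
         if (!($crypt_hash = $rcmail->config->get('password_crypt_hash'))) {
             if (CRYPT_MD5) {
                 $crypt_hash = 'md5';
             } elseif (CRYPT_STD_DES) {
                 $crypt_hash = 'des';
             }
         }

         switch ($crypt_hash) {
             case 'md5':
                 $len = 8;
                 $salt_hashindicator = '$1$';
                 break;
             case 'des':
                 $len = 2;
                 break;
             case 'blowfish':
                 $cost = (int) $rcmail->config->get('password_blowfish_cost');
                 $cost = $cost < 4 || $cost > 31 ? 12 : $cost;
                 $len = 22;
                 $salt_hashindicator = sprintf('$2a$%02d$', $cost);
                 break;
             case 'sha256':
                 $len = 16;
                 $salt_hashindicator = '$5$';
                 break;
             case 'sha512':
                 $len = 16;
                 $salt_hashindicator = '$6$';
                 break;
             default:
                 return PASSWORD_CRYPT_ERROR;
         }

         //Restrict the character set used as salt (#1488136)
         $seedchars = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
         // Salts come from the CSPRNG where random_int() exists (PHP 7+);
         // rand() stays only as the fallback for older runtimes.
         $use_csprng = function_exists('random_int');
         for ($i = 0; $i < $len; $i++) {
             $salt .= $seedchars[$use_csprng ? random_int(0, 63) : rand(0, 63)];
         }

         $sql = str_replace('%c', $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator . $salt . '$' : $salt)), $sql);
     }

     // dovecotpw
     if (strpos($sql, '%D') !== FALSE) {
         if (!($dovecotpw = $rcmail->config->get('password_dovecotpw'))) {
             $dovecotpw = 'dovecotpw';
         }
         if (!($method = $rcmail->config->get('password_dovecotpw_method'))) {
             $method = 'CRAM-MD5';
         }

         // use common temp dir
         $tmp_dir = $rcmail->config->get('temp_dir');
         $tmpfile = tempnam($tmp_dir, 'roundcube-');
         if ($tmpfile === false) {
             return PASSWORD_CRYPT_ERROR;
         }

         // Method and output path are shell-escaped instead of being placed
         // between hand-written quotes. $dovecotpw itself is left as
         // configured because it may carry its own arguments; it has to
         // come from trusted configuration only. The password is written to
         // the command's stdin, never to the command line.
         $pipe = popen($dovecotpw . ' -s ' . escapeshellarg($method) . ' > ' . escapeshellarg($tmpfile), "w");
         if (!$pipe) {
             unlink($tmpfile);
             return PASSWORD_CRYPT_ERROR;
         }

         fwrite($pipe, $passwd . "\n", 1 + strlen($passwd));
         usleep(1000);
         fwrite($pipe, $passwd . "\n", 1 + strlen($passwd));
         pclose($pipe);

         $newpass = trim((string) file_get_contents($tmpfile), "\n");
         // Remove the temp file before validating: the early return below
         // used to leave the file with the hash behind.
         unlink($tmpfile);

         // preg_quote(): the method name is data here, not pattern syntax.
         if (!preg_match('/^\\{' . preg_quote($method, '/') . '\\}/', $newpass)) {
             return PASSWORD_CRYPT_ERROR;
         }
         if (!$rcmail->config->get('password_dovecotpw_with_method')) {
             $newpass = trim(str_replace('{' . $method . '}', '', $newpass));
         }

         $sql = str_replace('%D', $db->quote($newpass), $sql);
     }

     // hashed passwords
     // The class is [nq]; the former [n|q] also matched a literal "%|".
     if (preg_match('/%[nq]/', $sql)) {
         if (!extension_loaded('hash')) {
             rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: 'hash' extension not loaded!"), true, false);
             return PASSWORD_ERROR;
         }

         // NOTE(review): this is a single unsalted hash() and defaults to
         // sha1 when 'password_hash_algorithm' is unset, which is weak for
         // password storage. Prefer a salted scheme where the backend allows.
         if (!($hash_algo = strtolower($rcmail->config->get('password_hash_algorithm')))) {
             $hash_algo = 'sha1';
         }

         $hash_passwd = hash($hash_algo, $passwd);
         $hash_curpass = hash($hash_algo, $curpass);

         if ($rcmail->config->get('password_hash_base64')) {
             $hash_passwd = base64_encode(pack('H*', $hash_passwd));
             $hash_curpass = base64_encode(pack('H*', $hash_curpass));
         }

         $sql = str_replace('%n', $db->quote($hash_passwd, 'text'), $sql);
         $sql = str_replace('%q', $db->quote($hash_curpass, 'text'), $sql);
     }

     // Handle clear text passwords securely (#1487034): each %p / %o turns
     // into a '?' placeholder, the value travels as a bound parameter.
     // The class is [po]; the former [p|o] also matched a literal "%|" and
     // then queued an extra parameter without any placeholder for it.
     $sql_vars = array();
     if (preg_match_all('/%[po]/', $sql, $m)) {
         foreach ($m[0] as $var) {
             if ($var == '%p') {
                 $sql = preg_replace('/%p/', '?', $sql, 1);
                 $sql_vars[] = (string) $passwd;
             } else {
                 // %o
                 $sql = preg_replace('/%o/', '?', $sql, 1);
                 $sql_vars[] = (string) $curpass;
             }
         }
     }

     $local_part = $rcmail->user->get_username('local');
     $domain_part = $rcmail->user->get_username('domain');
     $username = $_SESSION['username'];
     $host = $_SESSION['imap_host'];

     // convert domains to/from punycode
     if ($rcmail->config->get('password_idn_ascii')) {
         $domain_part = rcube_utils::idn_to_ascii($domain_part);
         $username = rcube_utils::idn_to_ascii($username);
         $host = rcube_utils::idn_to_ascii($host);
     } else {
         $domain_part = rcube_utils::idn_to_utf8($domain_part);
         $username = rcube_utils::idn_to_utf8($username);
         $host = rcube_utils::idn_to_utf8($host);
     }

     // at least we should always have the local part
     // strtr() fills all four placeholders in one pass. Chained
     // str_replace() calls re-scanned inserted text, so a local part
     // containing "%d", "%u" or "%h" had another quoted value spliced into
     // its quoted literal.
     $sql = strtr($sql, array(
         '%l' => $db->quote($local_part, 'text'),
         '%d' => $db->quote($domain_part, 'text'),
         '%u' => $db->quote($username, 'text'),
         '%h' => $db->quote($host, 'text'),
     ));

     $res = $db->query($sql, $sql_vars);

     if (!$db->is_error()) {
         if (strtolower(substr(trim($sql), 0, 6)) == 'select') {
             if ($db->fetch_array($res)) {
                 return PASSWORD_SUCCESS;
             }
         } else {
             // This is the good case: 1 row updated
             if ($db->affected_rows($res) == 1) {
                 return PASSWORD_SUCCESS;
             }
             // @TODO: Some queries don't affect any rows
             // Should we assume a success if there was no error?
         }
     }

     return PASSWORD_ERROR;
 }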
コード例 #19
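 /**
  * Load a user's SquirrelMail preferences and address book into
  * $this->prefs and $this->abook.
  *
  * The backend is selected by the 'squirrelmail_driver' config option:
  *  - 'file': reads <data_dir>/<uname>.pref, .sig, .si<N> and .abook
  *  - 'sql':  reads the configured user-prefs and address tables
  *
  * Nothing is returned. With the file backend the properties are left
  * untouched when no readable .pref file exists; with the sql backend
  * $this->prefs is always reset to an array.
  *
  * @param string $uname User name; used as file name stem (file backend)
  *                      or as bound query parameter (sql backend)
  */
 private function read_squirrel_prefs($uname)
 {
     $rcmail = rcmail::get_instance();
     $driver = $rcmail->config->get('squirrelmail_driver');

     /**** File based backend ****/
     if ($driver == 'file' && ($srcdir = $rcmail->config->get('squirrelmail_data_dir'))) {
         // $uname is concatenated into file system paths below. Refuse names
         // carrying a path separator or NUL byte so that the lookup cannot
         // resolve to a file outside the configured data directory.
         if (strpos($uname, '/') !== false || strpos($uname, '\\') !== false || strpos($uname, "\0") !== false) {
             // The offending name is deliberately not written to the log.
             rcube::raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "SquirrelMail prefs import: user name rejected (path separator or NUL byte)"), true, false);
             return;
         }

         // optional hashed sub-directories: one directory level per hex digit of crc32($uname)
         if (($hash_level = $rcmail->config->get('squirrelmail_data_dir_hash_level')) > 0) {
             $srcdir = slashify($srcdir) . chunk_split(substr(base_convert(crc32($uname), 10, 16), 0, $hash_level), 1, '/');
         }

         $basepath = slashify($srcdir) . $uname;
         $prefsfile = $basepath . '.pref';
         $abookfile = $basepath . '.abook';
         $sigfile = $basepath . '.sig';
         $sigbase = $basepath . '.si';

         if (is_readable($prefsfile)) {
             $this->prefs = array();
             foreach (file($prefsfile) as $line) {
                 // split on the first '=' only, a value may itself contain '='
                 $pair = explode('=', $line, 2);
                 if (count($pair) < 2) {
                     // not a key=value line (e.g. blank line)
                     continue;
                 }
                 $this->prefs[$pair[0]] = utf8_encode(rtrim($pair[1]));
             }

             // also read signature file if exists
             if (is_readable($sigfile)) {
                 $this->prefs['___signature___'] = utf8_encode(file_get_contents($sigfile));
             }

             // additional identities keep their signatures in <uname>.si1, .si2, ...
             if (isset($this->prefs['identities']) && $this->prefs['identities'] > 1) {
                 for ($i = 1; $i < $this->prefs['identities']; $i++) {
                     if (is_readable($sigbase . $i)) {
                         $this->prefs['___sig' . $i . '___'] = utf8_encode(file_get_contents($sigbase . $i));
                     }
                 }
             }

             // parse address book file; is_readable() first, because filesize()
             // raises a warning when the file does not exist
             if (is_readable($abookfile) && filesize($abookfile)) {
                 foreach (file($abookfile) as $line) {
                     // pad short lines so that missing fields become null
                     // instead of triggering undefined-offset notices
                     $fields = array_pad(explode('|', utf8_encode(rtrim($line))), 4, null);
                     $rec = array(
                         'name' => $fields[0],
                         'firstname' => $fields[1],
                         'surname' => $fields[2],
                         'email' => $fields[3],
                     );
                     if ($rec['name'] && $rec['email']) {
                         $this->abook[] = $rec;
                     }
                 }
             }
         }
     } elseif ($driver == 'sql') {
         $this->prefs = array();

         /* connect to squirrelmail database in read mode */
         $db = rcube_db::factory($rcmail->config->get('squirrelmail_dsn'));
         $db->set_debug($rcmail->config->get('sql_debug'));
         $db->db_connect('r');

         // NOTE(review): table names and charset are concatenated into the SQL
         // text unquoted. They are read from the configuration, so they must
         // never be derived from user-controllable values.
         $userprefs_table = $rcmail->config->get('squirrelmail_userprefs_table');
         $address_table = $rcmail->config->get('squirrelmail_address_table');
         $db_charset = $rcmail->config->get('squirrelmail_db_charset');

         if ($db_charset) {
             $db->query('SET NAMES ' . $db_charset);
         }

         /* retrieve prefs; the ? placeholder is bound to $uname */
         $sql_result = $db->query('SELECT * FROM ' . $userprefs_table . ' WHERE user=?', $uname);
         while ($sql_array = $db->fetch_assoc($sql_result)) {
             $this->prefs[$sql_array['prefkey']] = rcube_charset::convert(rtrim($sql_array['prefval']), $db_charset);
         }

         /* retrieve address table data; the ? placeholder is bound to $uname */
         $sql_result = $db->query('SELECT * FROM ' . $address_table . ' WHERE owner=?', $uname);
         while ($sql_array = $db->fetch_assoc($sql_result)) {
             $rec = array(
                 'name' => rcube_charset::convert(rtrim($sql_array['nickname']), $db_charset),
                 'firstname' => rcube_charset::convert(rtrim($sql_array['firstname']), $db_charset),
                 'surname' => rcube_charset::convert(rtrim($sql_array['lastname']), $db_charset),
                 'email' => rcube_charset::convert(rtrim($sql_array['email']), $db_charset),
                 'notes' => rcube_charset::convert(rtrim($sql_array['label']), $db_charset),
             );
             // only keep entries that have both a nickname and an e-mail address
             if ($rec['name'] && $rec['email']) {
                 $this->abook[] = $rec;
             }
         }
     }
 }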