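/**
 * Write login data (name, ID, IP address) to the 'userlogins' log file.
 *
 * Nothing is written when the 'log_logins' option is off, or when a
 * successful login has no user ID.
 *
 * @param string $user         User name; only used for the failed-login entry
 * @param bool   $failed_login True to log a failed attempt instead of a success
 * @param int    $error_code   Error code appended to the failed-login entry
 */
public function log_login($user = null, $failed_login = false, $error_code = 0)
{
    if (!$this->config->get('log_logins')) {
        return;
    }

    // NOTE(review): both entries include the raw session_id(); anyone who can
    // read the 'userlogins' log sees identifiers of sessions that may still be
    // valid. Keep the log file readable by the service account only.

    // failed login
    if ($failed_login) {
        // On a failed login $user is presumably the name the client submitted,
        // i.e. untrusted input. Cast first so a null default never reaches
        // strlen(), then neutralise control characters (CR/LF included) so the
        // value cannot start a forged log entry, and cap its length so one
        // request cannot flood the log.
        $user = (string) preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $user);

        if (strlen($user) > 256) {
            $user = substr($user, 0, 256) . '...';
        }

        $message = sprintf('Failed login for %s from %s in session %s (error: %d)',
            $user, rcube_utils::remote_ip(), session_id(), $error_code);
    }
    else {
        $user_name = $this->get_user_name();
        $user_id   = $this->get_user_id();

        // no authenticated user: nothing to report
        if (!$user_id) {
            return;
        }

        $message = sprintf('Successful login for %s (ID: %d) from %s in session %s',
            $user_name, $user_id, rcube_utils::remote_ip(), session_id());
    }

    // log login
    self::write_log('userlogins', $message);
}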
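/**
 * Handle the submitted password-change form.
 *
 * Validates the posted passwords against the plugin configuration
 * (current-password confirmation, charset round-trip, minimum length,
 * non-alphanumeric requirement), saves the new password through _save(),
 * refreshes the session password and reports the outcome to the client.
 * The plugin page is always re-rendered at the end.
 */
function password_save()
{
    $this->register_handler('plugin.body', array($this, 'password_form'));

    $rcmail = rcmail::get_instance();
    $rcmail->output->set_pagetitle($this->gettext('changepasswd'));

    $confirm         = $rcmail->config->get('password_confirm_current');
    $required_length = intval($rcmail->config->get('password_minimum_length'));
    $check_strength  = $rcmail->config->get('password_require_nonalpha');

    // Parentheses only make the existing precedence explicit: the current
    // password is required when confirmation is on, the new one always.
    if (($confirm && !isset($_POST['_curpasswd'])) || !isset($_POST['_newpasswd'])) {
        $rcmail->output->command('display_message', $this->gettext('nopassword'), 'error');
    }
    else {
        $charset    = strtoupper($rcmail->config->get('password_charset', 'ISO-8859-1'));
        $rc_charset = strtoupper($rcmail->output->get_charset());

        $sespwd = $rcmail->decrypt($_SESSION['password']);
        $curpwd = $confirm
            ? rcube_utils::get_input_value('_curpasswd', rcube_utils::INPUT_POST, true, $charset)
            : $sespwd;
        $newpwd = rcube_utils::get_input_value('_newpasswd', rcube_utils::INPUT_POST, true);
        $conpwd = rcube_utils::get_input_value('_confpasswd', rcube_utils::INPUT_POST, true);

        // check allowed characters according to the configured 'password_charset' option
        // by converting the password entered by the user to this charset and back to UTF-8
        $orig_pwd = $newpwd;
        $chk_pwd  = rcube_charset::convert($orig_pwd, $rc_charset, $charset);
        $chk_pwd  = rcube_charset::convert($chk_pwd, $charset, $rc_charset);

        // WARNING: Default password_charset is ISO-8859-1, so conversion will
        // change national characters. This may disable possibility of using
        // the same password in other MUA's.
        // We're doing this for consistence with Roundcube core
        $newpwd = rcube_charset::convert($newpwd, $rc_charset, $charset);
        $conpwd = rcube_charset::convert($conpwd, $rc_charset, $charset);

        // All password comparisons below are strict. With == / != PHP compares
        // numeric-looking strings by value, so two different passwords such as
        // '0e1' and '0e2' would be treated as equal.
        // NOTE(review): where PHP >= 5.6 is guaranteed, hash_equals() is the
        // preferred way to compare the current password.
        if ($chk_pwd !== $orig_pwd) {
            // the password does not survive the charset round-trip
            $rcmail->output->command('display_message', $this->gettext('passwordforbidden'), 'error');
        }
        elseif ($conpwd !== $newpwd) {
            $rcmail->output->command('display_message', $this->gettext('passwordinconsistency'), 'error');
        }
        elseif ($confirm && $sespwd !== $curpwd) {
            $rcmail->output->command('display_message', $this->gettext('passwordincorrect'), 'error');
        }
        elseif ($required_length && strlen($newpwd) < $required_length) {
            // strlen() counts bytes of the password in the configured charset
            $rcmail->output->command('display_message', $this->gettext(
                array('name' => 'passwordshort', 'vars' => array('length' => $required_length))), 'error');
        }
        elseif ($check_strength && (!preg_match("/[0-9]/", $newpwd) || !preg_match("/[^A-Za-z0-9]/", $newpwd))) {
            // requires at least one digit and one non-alphanumeric character
            $rcmail->output->command('display_message', $this->gettext('passwordweak'), 'error');
        }
        elseif ($sespwd === $newpwd && !$rcmail->config->get('password_force_save')) {
            // password unchanged: report success without calling the backend
            $rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
        }
        elseif (!($res = $this->_save($curpwd, $newpwd))) {
            // a falsy result from _save() is treated as success
            $rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');

            // allow additional actions after password change (e.g. reset some backends)
            $plugin = $rcmail->plugins->exec_hook('password_change', array(
                'old_pass' => $curpwd, 'new_pass' => $newpwd));

            // Reset session password
            $_SESSION['password'] = $rcmail->encrypt($plugin['new_pass']);

            // Log password change (user name, ID and remote IP only; never the password)
            if ($rcmail->config->get('password_log')) {
                rcube::write_log('password', sprintf('Password changed for user %s (ID: %d) from %s',
                    $rcmail->get_user_name(), $rcmail->user->ID, rcube_utils::remote_ip()));
            }
        }
        else {
            // anything else returned by _save() is shown to the user as the error text
            $rcmail->output->command('display_message', $res, 'error');
        }
    }

    $rcmail->overwrite_action('plugin.password');
    $rcmail->output->send('plugin');
}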
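/**
 * Connect to an IMAP server
 *
 * The 'storage_connect' hook may override host, user and password and may
 * request another attempt through its 'retry' result.
 *
 * @param string  $host    Host to connect
 * @param string  $user    Username for IMAP account
 * @param string  $pass    Password for IMAP account
 * @param integer $port    Port to connect to
 * @param string  $use_ssl SSL schema (ssl, tls or imaps) or null if plain connection
 *
 * @return boolean True on success, False on failure
 */
public function connect($host, $user, $pass, $port = 143, $use_ssl = null)
{
    // check for OpenSSL support in PHP build
    if ($use_ssl && extension_loaded('openssl')) {
        // 'imaps' is mapped to the 'ssl' mode, any other value is passed through
        $this->options['ssl_mode'] = $use_ssl == 'imaps' ? 'ssl' : $use_ssl;
    }
    elseif ($use_ssl) {
        rcube::raise_error(array('code' => 403, 'type' => 'imap',
            'file' => __FILE__, 'line' => __LINE__,
            'message' => "OpenSSL not available"), true, false);

        // NOTE(review): encryption was requested but cannot be provided. The
        // code only logs the error and carries on with port 143 without
        // setting 'ssl_mode' here, so the login below may travel without
        // transport encryption. Confirm this downgrade is intended; failing
        // the connection would be the safer behaviour.
        $port = 143;
    }

    $this->options['port'] = $port;

    // !empty() keeps the truthiness test but tolerates a missing 'debug' option
    if (!empty($this->options['debug'])) {
        $this->set_debug(true);

        $this->options['ident'] = array(
            'name'    => 'Roundcube',
            'version' => RCUBE_VERSION,
            'php'     => PHP_VERSION,
            'os'      => PHP_OS,
            'command' => $_SERVER['REQUEST_URI'],
        );
    }

    $attempt = 0;
    do {
        $data = $this->plugins->exec_hook('storage_connect',
            array_merge($this->options, array('host' => $host, 'user' => $user,
                'attempt' => ++$attempt)));

        // a plugin may supply a different password
        if (!empty($data['pass'])) {
            $pass = $data['pass'];
        }

        $this->conn->connect($data['host'], $data['user'], $pass, $data);
        // 'retry' is not part of the array passed to the hook, so it is only
        // present when a plugin (or the options) sets it; guard the lookup.
    } while (!$this->conn->connected() && !empty($data['retry']));

    // remember the effective connection settings (password included) in the options
    $config = array(
        'host'     => $data['host'],
        'user'     => $data['user'],
        'password' => $pass,
        'port'     => $port,
        'ssl'      => $use_ssl,
    );

    $this->options      = array_merge($this->options, $config);
    $this->connect_done = true;

    if ($this->conn->connected()) {
        // check for session identifier
        $session = null;
        if (preg_match('/\\s+SESSIONID=([^=\\s]+)/', $this->conn->result, $m)) {
            $session = $m[1];
        }

        // get namespace and delimiter
        $this->set_env();

        // trigger post-connect hook
        $this->plugins->exec_hook('storage_connected', array(
            'host' => $host, 'user' => $user, 'session' => $session));

        return true;
    }

    // report login failures only when credentials were actually supplied
    if ($this->conn->error && $pass && $user) {
        // NOTE(review): $user is caller-supplied and the server's error text is
        // copied into the logged message unchanged; neither is length-limited
        // or stripped of control characters here.
        $message = sprintf("Login failed for %s from %s. %s",
            $user, rcube_utils::remote_ip(), $this->conn->error);

        rcube::raise_error(array('code' => 403, 'type' => 'imap',
            'file' => __FILE__, 'line' => __LINE__,
            'message' => $message), true, false);
    }

    return false;
}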
/**
 * Record a successful login (user name, user ID, remote IP and session ID)
 * in the 'userlogins' log file.
 *
 * Nothing is written when the 'log_logins' option is off or when no user ID
 * is available. Failed logins are not recorded by this method.
 */
public function log_login()
{
    if ($this->config->get('log_logins')) {
        $user_name = $this->get_user_name();
        $user_id   = $this->get_user_id();

        if ($user_id) {
            // NOTE(review): the entry contains the raw session_id(); restrict
            // read access to the 'userlogins' log accordingly.
            $entry = sprintf('Successful login for %s (ID: %d) from %s in session %s',
                $user_name, $user_id, rcube_utils::remote_ip(), session_id());

            self::write_log('userlogins', $entry);
        }
    }
}
/**
 * Thin wrapper that returns whatever rcube_utils::remote_ip() yields.
 *
 * NOTE(review): how remote_ip() derives the address (e.g. whether it honours
 * proxy-supplied headers) is not visible here; verify before relying on the
 * value for access decisions.
 */
function rcmail_remote_ip()
{
    $address = rcube_utils::remote_ip();

    return $address;
}
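/**
 * Write login data (name, ID, IP address) to the 'userlogins' log file.
 *
 * Nothing is written when the 'log_logins' option is off, or when a
 * successful login has no user ID.
 *
 * @param string $user         User name; only used for the failed-login entry
 * @param bool   $failed_login True to log a failed attempt instead of a success
 * @param int    $error_code   Error code appended to the failed-login entry
 */
public function log_login($user = null, $failed_login = false, $error_code = 0)
{
    if (!$this->config->get('log_logins')) {
        return;
    }

    // NOTE(review): both entries include the raw session_id(); anyone who can
    // read the 'userlogins' log sees identifiers of sessions that may still be
    // valid. Keep the log file readable by the service account only.

    // failed login
    if ($failed_login) {
        // don't fill the log with complete input, which could
        // have been prepared by a hacker.
        // Cast first so the null default never reaches strlen(), and replace
        // control characters (CR/LF included) so a crafted name cannot start
        // a forged log entry. The replacement is 1:1, so the 256-byte cap
        // below applies exactly as before.
        $user = (string) preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $user);

        if (strlen($user) > 256) {
            $user = substr($user, 0, 256) . '...';
        }

        $message = sprintf('Failed login for %s from %s in session %s (error: %d)',
            $user, rcube_utils::remote_ip(), session_id(), $error_code);
    }
    else {
        $user_name = $this->get_user_name();
        $user_id   = $this->get_user_id();

        // no authenticated user: nothing to report
        if (!$user_id) {
            return;
        }

        $message = sprintf('Successful login for %s (ID: %d) from %s in session %s',
            $user_name, $user_id, rcube_utils::remote_ip(), session_id());
    }

    // log login
    self::write_log('userlogins', $message);
}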
/**
 * Deprecated wrapper around rcube_utils::remote_ip().
 *
 * @deprecated Call rcube_utils::remote_ip() directly.
 */
function rcmail_remote_ip()
{
    // report the use of this legacy function before delegating
    _deprecation_warning(__FUNCTION__);

    $address = rcube_utils::remote_ip();

    return $address;
}