3 files changed, 71 insertions, 50 deletions

diff --git a/plugins/password/drivers/domainfactory.php b/plugins/password/drivers/domainfactory.php
index 7f6b8860e..9128720c9 100644
--- a/plugins/password/drivers/domainfactory.php
+++ b/plugins/password/drivers/domainfactory.php
@@ -4,9 +4,9 @@
  * domainFACTORY Password Driver
  *
  * Driver to change passwords with the hosting provider domainFACTORY.
- * See: http://www.df.eu/
+ * http://www.df.eu/
  *
- * @version 2.0
+ * @version 2.1
  * @author Till Krüss <me@tillkruess.com>
  * @link http://tillkruess.com/projects/roundcube/
  *
@@ -14,57 +14,76 @@
 
 class rcube_domainfactory_password
 {
-    function save($curpass, $passwd)
-    {
-	    $rcmail = rcmail::get_instance();
+	function save($curpass, $passwd)
+	{
+		$rcmail = rcmail::get_instance();
 
-	    if (is_null($curpass)) {
-		    $curpass = $rcmail->decrypt($_SESSION['password']);
-	    }
+		if (is_null($curpass)) {
+			$curpass = $rcmail->decrypt($_SESSION['password']);
+		}
 
-    	if ($ch = curl_init()) {
-    		// initial login
-	    	curl_setopt_array($ch, array(
-		    	CURLOPT_RETURNTRANSFER => true,
-    			CURLOPT_URL => 'https://ssl.df.eu/chmail.php',
-	    		CURLOPT_POST => true,
-		    	CURLOPT_POSTFIELDS => array(
-			    	'login' => $rcmail->user->get_username(),
-				    'pwd' => $curpass,
-    				'action' => 'change'
-	    		)
-		    ));
+		if ($ch = curl_init()) {
 
-    		if ($result = curl_exec($ch)) {
-    			// login successful, get token!
-	    		$postfields = array(
-		    		'pwd1' => $passwd,
-			    	'pwd2' => $passwd,
-				    'action[update]' => 'Speichern'
-    			);
+			// initial login
+			curl_setopt_array($ch, array(
+				CURLOPT_RETURNTRANSFER => true,
+				CURLOPT_URL => 'https://ssl.df.eu/chmail.php',
+				CURLOPT_POST => true,
+				CURLOPT_POSTFIELDS => array(
+					'login' => $rcmail->user->get_username(),
+					'pwd' => $curpass,
+					'action' => 'change'
+				)
+			));
 
-    			preg_match_all('~<input name="(.+?)" type="hidden" value="(.+?)">~i', $result, $fields);
-	    		foreach ($fields[1] as $field_key => $field_name) {
-		    		$postfields[$field_name] = $fields[2][$field_key];
-			    }
+			if ($result = curl_exec($ch)) {
+				// login successful, get token!
+				$postfields = array(
+					'pwd1' => $passwd,
+					'pwd2' => $passwd,
+					'action[update]' => 'Speichern'
+				);
 
-    			// change password
-	    		$ch = curl_copy_handle($ch);
-		    	curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
-			    if ($result = curl_exec($ch)) {
-    				if (strpos($result, 'Einstellungen erfolgreich') !== false) {
-	    				return PASSWORD_SUCCESS;
-		    		}
-    			} else {
-	    			return PASSWORD_CONNECT_ERROR;
-		    	}
-    		} else {
-	    		return PASSWORD_CONNECT_ERROR;
-		    }
-    	} else {
-	    	return PASSWORD_CONNECT_ERROR;
-	    }
+				preg_match_all('~<input name="(.+?)" type="hidden" value="(.+?)">~i', $result, $fields);
+				foreach ($fields[1] as $field_key => $field_name) {
+					$postfields[$field_name] = $fields[2][$field_key];
+				}
 
-    	return PASSWORD_ERROR;
-    }
+				// change password
+				$ch = curl_copy_handle($ch);
+				curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
+				if ($result = curl_exec($ch)) {
+
+					// has the password been changed?
+					if (strpos($result, 'Einstellungen erfolgreich') !== false) {
+						return PASSWORD_SUCCESS;
+					}
+
+					// show error message(s) if possible
+					if (strpos($result, '<div class="d-msg-text">') !== false) {
+						preg_match_all('#<div class="d-msg-text">(.*?)</div>#s', $result, $errors);
+						if (isset($errors[1])) {
+							$error_message = '';
+							foreach ( $errors[1] as $error ) {
+								$error_message .= trim(mb_convert_encoding( $error, 'UTF-8', 'ISO-8859-15' )).' ';
+							}
+							return array('code' => PASSWORD_ERROR, 'message' => $error_message);
+						}
+					}
+
+
+				} else {
+					return PASSWORD_CONNECT_ERROR;
+				}
+
+			} else {
+				return PASSWORD_CONNECT_ERROR;
+			}
+
+		} else {
+			return PASSWORD_CONNECT_ERROR;
+		}
+
+		return PASSWORD_ERROR;
+	}
 }
diff --git a/plugins/password/drivers/ldap.php b/plugins/password/drivers/ldap.php
index cf62debcf..739958ad7 100644
--- a/plugins/password/drivers/ldap.php
+++ b/plugins/password/drivers/ldap.php
@@ -146,7 +146,7 @@ class rcube_ldap_password
             return '';
         }
 
-        $base = $rcmail->config->get('password_ldap_search_base');
+        $base   = self::substitute_vars($rcmail->config->get('password_ldap_search_base'));
         $filter = self::substitute_vars($rcmail->config->get('password_ldap_search_filter'));
         $options = array (
             'scope' => 'sub',
diff --git a/plugins/password/drivers/ldap_simple.php b/plugins/password/drivers/ldap_simple.php
index c5d828fab..47e3b07de 100644
--- a/plugins/password/drivers/ldap_simple.php
+++ b/plugins/password/drivers/ldap_simple.php
@@ -187,6 +187,8 @@ class rcube_ldap_simple_password
 
         $search_base   = $rcmail->config->get('password_ldap_search_base');
         $search_filter = $rcmail->config->get('password_ldap_search_filter');
+
+        $search_base   = rcube_ldap_password::substitute_vars($search_base);
         $search_filter = rcube_ldap_password::substitute_vars($search_filter);
 
         $this->_debug("C: Search $search_base for $search_filter");