From 4520fa0f38e9744fa1541c2365000710f7763242 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Tue, 10 Jun 2014 15:22:38 +0200 Subject: Code cleanup and small fixes (after pull request merge) --- plugins/password/package.xml | 271 +----------------------------------------- plugins/password/password.php | 61 +++++----- 2 files changed, 32 insertions(+), 300 deletions(-) diff --git a/plugins/password/package.xml b/plugins/password/package.xml index 16eda1ad0..4fa023c77 100644 --- a/plugins/password/package.xml +++ b/plugins/password/package.xml @@ -15,9 +15,9 @@ alec@alec.pl yes - 2013-04-28 + 2014-06-10 - 3.4 + 3.5 2.0 @@ -25,9 +25,6 @@ stable GNU GPLv3+ - -Added password_force_save option - @@ -114,268 +111,4 @@ Added password_force_save option - - - 2010-04-29 - - - 1.4 - 1.4 - - - stable - stable - - GNU GPLv2 - -- Use mail_domain value for domain variables when there is no domain in username: - sql and ldap drivers (#1486694) -- Created package.xml - - - - 2010-06-20 - - - 1.5 - 1.5 - - - stable - stable - - GNU GPLv2 - -- Removed user_login/username_local/username_domain methods, - use rcube_user::get_username instead (#1486707) - - - - 2010-08-01 - - - 1.6 - 1.5 - - - stable - stable - - GNU GPLv2 - -- Added ldap_simple driver - - - - 2010-09-10 - - - 1.7 - 1.5 - - - stable - stable - - GNU GPLv2 - -- Added XMail driver -- Improve security of chpasswd driver using popen instead of exec+echo (#1486987) -- Added chpass-wrapper.py script to improve security (#1486987) - - - - 2010-09-29 - - - 1.8 - 1.6 - - - stable - stable - - GNU GPLv2 - -- Added possibility to display extended error messages (#1486704) -- Added extended error messages in Poppassd driver (#1486704) - - - - - 1.9 - 1.6 - - - stable - stable - - GNU GPLv2 - -- Added password_ldap_lchattr option (#1486927) - - - - 2010-10-07 - - - 2.0 - 1.6 - - - stable - stable - - GNU GPLv2 - -- Fixed SQL Injection in SQL driver when using %p or %o variables in query (#1487034) - - - - 2010-11-02 - - - 2.1 - 1.6 - - - stable - stable - - GNU GPLv2 - -- hMail driver: Add possibility to connect to remote host - - - - 2011-02-15 - - - 2.2 - 1.6 - - - stable - stable - - GNU GPLv2 - -- hMail driver: add username_domain detection (#1487100) -- hMail driver: HTML tags in logged messages should be stripped off (#1487099) -- Chpasswd driver: add newline at end of input to chpasswd binary (#1487141) -- Fix usage of configured temp_dir instead of /tmp (#1487447) -- ldap_simple driver: fix parse error -- ldap/ldap_simple drivers: support %dc variable in config -- ldap/ldap_simple drivers: support Samba password change -- Fix extended error messages handling (#1487676) -- Fix double request when clicking on Password tab in Firefox -- Fix deprecated split() usage in xmail and directadmin drivers (#1487769) -- Added option (password_log) for logging password changes -- Virtualmin driver: Add option for setting username format (#1487781) - - - - 2011-10-26 - - - 2.3 - 1.6 - - - stable - stable - - GNU GPLv2 - -- When old and new passwords are the same, do nothing, return success (#1487823) -- Fixed Samba password hashing in 'ldap' driver -- Added 'password_change' hook for plugin actions after successful password change -- Fixed bug where 'doveadm pw' command was used as dovecotpw utility -- Improve generated crypt() passwords (#1488136) - - - - 2011-11-23 - - 2.4 - 1.6 - - - stable - stable - - GNU GPLv2 - -- Added option to use punycode or unicode for domain names (#1488103) -- Save Samba password hashes in capital letters (#1488197) - - - - 2011-11-23 - - 3.0 - 2.0 - - - stable - stable - - GNU GPLv2 - -- Fixed drivers namespace issues - - - - 2012-03-07 - - 3.1 - 2.0 - - - stable - stable - - GNU GPLv2 - -- Added pw_usermod driver (#1487826) -- Added option password_login_exceptions (#1487826) -- Added domainfactory driver (#1487882) -- Added DBMail driver (#1488281) -- Helper files moved to helpers/ directory from drivers/ -- Added Expect driver (#1488363) -- Added Samba password (#1488364) - - - - 2012-11-15 - - 3.2 - 2.0 - - - stable - stable - - GNU GPLv2 - -- Fix wrong (non-specific) error message on crypt or connection error (#1488808) -- Added option to define IMAP hosts that support password changes - password_hosts - - - - 2013-03-30 - - 3.3 - 2.0 - - - stable - stable - - GNU GPLv2 - -Added new cPanel driver - fixes localization related issues (#1487015) - - - diff --git a/plugins/password/password.php b/plugins/password/password.php index 7b6b80dc7..9bf020176 100644 --- a/plugins/password/password.php +++ b/plugins/password/password.php @@ -43,6 +43,7 @@ class password extends rcube_plugin public $task = 'settings|login'; public $noframe = true; public $noajax = true; + private $newuser = false; function init() @@ -51,22 +52,23 @@ class password extends rcube_plugin $this->load_config(); - if($rcmail->task == 'settings' && !$this->check_host_login_exceptions()) { - return; - } - - $this->add_hook('settings_actions', array($this, 'settings_actions')); - if($rcmail->config->get('password_force_new_user')) { - $this->add_hook('user_create', array($this, 'user_create')); - $this->add_hook('login_after', array($this, 'login_after')); - } + if ($rcmail->task == 'settings') { + if (!$this->check_host_login_exceptions()) { + return; + } - $this->register_action('plugin.password', array($this, 'password_init')); - $this->register_action('plugin.password-save', array($this, 'password_save')); + $this->add_hook('settings_actions', array($this, 'settings_actions')); + $this->register_action('plugin.password', array($this, 'password_init')); + $this->register_action('plugin.password-save', array($this, 'password_save')); - if (strpos($rcmail->action, 'plugin.password') === 0) { - $this->include_script('password.js'); + if (strpos($rcmail->action, 'plugin.password') === 0) { + $this->include_script('password.js'); + } + } + else if ($rcmail->config->get('password_force_new_user')) { + $this->add_hook('user_create', array($this, 'user_create')); + $this->add_hook('login_after', array($this, 'login_after')); } } @@ -84,24 +86,25 @@ class password extends rcube_plugin $rcmail = rcmail::get_instance(); $rcmail->output->set_pagetitle($this->gettext('changepasswd')); - $first = rcube_utils::get_input_value('_first', rcube_utils::INPUT_GET); - if(isset($first) && $first == 'true') { + + if (rcube_utils::get_input_value('_first', rcube_utils::INPUT_GET)) { $rcmail->output->command('display_message', $this->gettext('firstloginchange'), 'notice'); } + $rcmail->output->send('plugin'); } function password_save() { - $rcmail = rcmail::get_instance(); - $this->add_texts('localization/'); $this->register_handler('plugin.body', array($this, 'password_form')); + + $rcmail = rcmail::get_instance(); $rcmail->output->set_pagetitle($this->gettext('changepasswd')); $confirm = $rcmail->config->get('password_confirm_current'); $required_length = intval($rcmail->config->get('password_minimum_length')); - $check_strength = $rcmail->config->get('password_require_nonalpha'); + $check_strength = $rcmail->config->get('password_require_nonalpha'); if (($confirm && !isset($_POST['_curpasswd'])) || !isset($_POST['_newpasswd'])) { $rcmail->output->command('display_message', $this->gettext('nopassword'), 'error'); @@ -294,44 +297,39 @@ class password extends rcube_plugin return $reason; } - + function user_create($args) { $this->newuser = true; return $args; } - + function login_after($args) { - if(!$this->check_host_login_exceptions()) { - return $args; - } - if($this->newuser) - { - $args['_task'] = 'settings'; + if ($this->newuser && $this->check_host_login_exceptions()) { + $args['_task'] = 'settings'; $args['_action'] = 'plugin.password'; - $args['_first'] = 'true'; + $args['_first'] = 'true'; } + return $args; } - + // Check if host and login is allowed to change the password, false = not allowed, true = not allowed private function check_host_login_exceptions() { $rcmail = rcmail::get_instance(); + // Host exceptions $hosts = $rcmail->config->get('password_hosts'); - $this->allowed_hosts = $hosts; if (!empty($hosts) && !in_array($_SESSION['storage_host'], $hosts)) { return false; } - // Login exceptions if ($exceptions = $rcmail->config->get('password_login_exceptions')) { $exceptions = array_map('trim', (array) $exceptions); $exceptions = array_filter($exceptions); - $this->login_exceptions = $exceptions; $username = $_SESSION['username']; foreach ($exceptions as $ec) { @@ -340,6 +338,7 @@ class password extends rcube_plugin } } } + return true; } } -- cgit v1.2.3