1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
<?php
/**
* domainFACTORY Password Driver
*
* Driver to change passwords with the hosting provider domainFACTORY.
* http://www.df.eu/
*
* @version 2.1
* @author Till Krüss <me@tillkruess.com>
* @link http://tillkruess.com/projects/roundcube/
*
* Copyright (C) 2005-2014, The Roundcube Dev Team
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see http://www.gnu.org/licenses/.
*/
class rcube_domainfactory_password
{
function save($curpass, $passwd)
{
$rcmail = rcmail::get_instance();
if (is_null($curpass)) {
$curpass = $rcmail->decrypt($_SESSION['password']);
}
if ($ch = curl_init()) {
// initial login
curl_setopt_array($ch, array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_URL => 'https://ssl.df.eu/chmail.php',
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => http_build_query(array(
'login' => $rcmail->user->get_username(),
'pwd' => $curpass,
'action' => 'change'
))
));
if ($result = curl_exec($ch)) {
// login successful, get token!
$postfields = array(
'pwd1' => $passwd,
'pwd2' => $passwd,
'action[update]' => 'Speichern'
);
preg_match_all('~<input name="(.+?)" type="hidden" value="(.+?)">~i', $result, $fields);
foreach ($fields[1] as $field_key => $field_name) {
$postfields[$field_name] = $fields[2][$field_key];
}
// change password
$ch = curl_copy_handle($ch);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postfields));
if ($result = curl_exec($ch)) {
// has the password been changed?
if (strpos($result, 'Einstellungen erfolgreich') !== false) {
return PASSWORD_SUCCESS;
}
// show error message(s) if possible
if (strpos($result, '<div class="d-msg-text">') !== false) {
preg_match_all('#<div class="d-msg-text">(.*?)</div>#s', $result, $errors);
if (isset($errors[1])) {
$error_message = '';
foreach ($errors[1] as $error) {
$error_message .= trim(mb_convert_encoding( $error, 'UTF-8', 'ISO-8859-15' )).' ';
}
return array('code' => PASSWORD_ERROR, 'message' => $error_message);
}
}
}
else {
return PASSWORD_CONNECT_ERROR;
}
}
else {
return PASSWORD_CONNECT_ERROR;
}
}
else {
return PASSWORD_CONNECT_ERROR;
}
return PASSWORD_ERROR;
}
}
|
