| | |
| | | $rules = html::tag('ul', array('id' => 'ruleslist'), $rules); |
| | | } |
| | | |
| | | $disabled_msg = ''; |
| | | if ($form_disabled) { |
| | | $disabled_msg = is_string($form_disabled) ? $form_disabled : $this->gettext('disablednotice'); |
| | | $disabled_msg = html::div(array('class' => 'boxwarning', 'id' => 'password-notice'), $disabled_msg); |
| | |
| | | |
| | | $object = new $class; |
| | | $result = $object->save($curpass, $passwd); |
| | | $message = ''; |
| | | |
| | | if (is_array($result)) { |
| | | $message = $result['message']; |
| | |
| | | |
| | | // Host exceptions |
| | | $hosts = $rcmail->config->get('password_hosts'); |
| | | if (!empty($hosts) && !in_array($_SESSION['storage_host'], $hosts)) { |
| | | if (!empty($hosts) && !in_array($_SESSION['storage_host'], (array) $hosts)) { |
| | | return false; |
| | | } |
| | | |
| | |
| | | { |
| | | $method = strtolower($method); |
| | | $rcmail = rcmail::get_instance(); |
| | | $prefix = ''; |
| | | $crypted = ''; |
| | | $default = false; |
| | | |
| | | if (empty($method) || $method == 'default') { |
| | | $method = $rcmail->config->get('password_algorithm'); |
| | |
| | | |
| | | case 'sha256-crypt': |
| | | $rounds = (int) $rcmail->config->get('password_crypt_rounds'); |
| | | if ($rounds < 1000) |
| | | $prefix = '$5$'; |
| | | else |
| | | $prefix = '$5$rounds=' . $rounds . '$'; |
| | | $prefix = '$5$'; |
| | | |
| | | if ($rounds > 1000) { |
| | | $prefix .= 'rounds=' . $rounds . '$'; |
| | | } |
| | | |
| | | $crypted = crypt($password, $prefix . self::random_salt(16)); |
| | | $prefix = '{CRYPT}'; |
| | | break; |
| | | |
| | | case 'sha512-crypt': |
| | | $rounds = (int) $rcmail->config->get('password_crypt_rounds'); |
| | | if ($rounds < 1000) |
| | | $prefix = '$6$'; |
| | | else |
| | | $prefix = '$6$rounds=' . $rounds . '$'; |
| | | $prefix = '$6$'; |
| | | |
| | | if ($rounds > 1000) { |
| | | $prefix .= 'rounds=' . $rounds . '$'; |
| | | } |
| | | |
| | | $crypted = crypt($password, $prefix . self::random_salt(16)); |
| | | $prefix = '{CRYPT}'; |
| | | break; |
| | |
| | | case 'samba': |
| | | if (function_exists('hash')) { |
| | | $crypted = hash('md4', rcube_charset::convert($password, RCUBE_CHARSET, 'UTF-16LE')); |
| | | $crypted = strtoupper($crypted_password); |
| | | $crypted = strtoupper($crypted); |
| | | } |
| | | else { |
| | | rcube::raise_error(array( |
| | |
| | | return false; |
| | | } |
| | | else { |
| | | fwrite($pipe, $passwd . "\n", 1+strlen($passwd)); usleep(1000); |
| | | fwrite($pipe, $passwd . "\n", 1+strlen($passwd)); |
| | | fwrite($pipe, $password . "\n", 1+strlen($password)); usleep(1000); |
| | | fwrite($pipe, $password . "\n", 1+strlen($password)); |
| | | pclose($pipe); |
| | | |
| | | $crypted = trim(file_get_contents($tmpfile), "\n"); |
| | | unlink($tmpfile); |
| | | |
| | | if (!preg_match('/^\{' . $method . '\}/', $newpass)) { |
| | | if (!preg_match('/^\{' . $method . '\}/', $crypted)) { |
| | | return false; |
| | | } |
| | | |