Roundcubemail devel
parent: b71eef6d | patch | commit | ignore whitespace
Aleksander Machniak
2015-07-27 252cc4c4ac0c3e2f387322b624e80a268d4810c2 
Password: Allow temporarily disabling the plugin functionality with a notice
9 files modified
101 ■■■■ changed files
CHANGELOG 1 ●●●● patch | view | raw | blame | history
plugins/password/composer.json 2 ●●● patch | view | raw | blame | history
plugins/password/config.inc.php.dist 5 ●●●●● patch | view | raw | blame | history
plugins/password/localization/en_US.inc 3 ●●●● patch | view | raw | blame | history
plugins/password/password.js 7 ●●●●● patch | view | raw | blame | history
plugins/password/password.php 63 ●●●●● patch | view | raw | blame | history
program/include/rcmail_output_html.php 1 ●●●● patch | view | raw | blame | history
skins/classic/common.css 10 ●●●●● patch | view | raw | blame | history
skins/larry/styles.css 9 ●●●●● patch | view | raw | blame | history 
 CHANGELOG


@@ -1,6 +1,7 @@


CHANGELOG Roundcube Webmail


===========================




- Password: Allow temporarily disabling the plugin functionality with a notice


- Support more secure hashing algorithms for auth cookie - configurable by PHP's session.hash_function (#1490403)


- Require Mbstring and OpenSSL extensions (#1490415)


- Get rid of Mail_mimeDecode package dependency (#1490416)




 plugins/password/composer.json


@@ -3,7 +3,7 @@


    "type": "roundcube-plugin",


    "description": "Password Change for Roundcube. Plugin adds a possibility to change user password using many methods (drivers) via Settings/Password tab.",


    "license": "GPLv3+",


    "version": "4.0",


    "version": "4.1",


    "authors": [


        {


            "name": "Aleksander Machniak",




 plugins/password/config.inc.php.dist


@@ -61,6 +61,11 @@


// Be aware, the higher the value, the longer it takes to generate the password hashes.


$config['password_blowfish_cost'] = 12;




// This option temporarily disables the password change functionality.


// Use it when the users database server is in maintenance mode or sth like that.


// You can set it to TRUE/FALSE or a text describing the reason


// which will replace the default.


$config['password_disabled'] = false;






// SQL Driver options




 plugins/password/localization/en_US.inc


@@ -34,5 +34,4 @@


$messages['passwordweak'] = 'Password must include at least one number and one punctuation character.';


$messages['passwordforbidden'] = 'Password contains forbidden characters.';


$messages['firstloginchange'] = 'This is your first login. Please change your password.';




?>


$messages['disablednotice'] = 'The system is currently under maintenance and password change is not possible at the moment. Everything should be back to normal soon. We apologize for any inconvenience.';




 plugins/password/password.js


@@ -16,6 +16,13 @@


 */




window.rcmail && rcmail.addEventListener('init', function(evt) {


    if (rcmail.env.password_disabled) {


        $('#password-form input').prop('disabled', true);


        // reload page after ca. 3 minutes


        rcmail.reload(3 * 60 * 1000 - 2000);


        return;


    }




    // register command handler


    rcmail.register_command('plugin.password-save', function() {


        var input_curpasswd = rcube_find_object('_curpasswd'),




 plugins/password/password.php


@@ -6,7 +6,7 @@


 * @version @package_version@


 * @author Aleksander Machniak <alec@alec.pl>


 *


 * Copyright (C) 2005-2013, The Roundcube Dev Team


 * Copyright (C) 2005-2015, The Roundcube Dev Team


 *


 * This program is free software: you can redistribute it and/or modify


 * it under the terms of the GNU General Public License as published by


@@ -63,10 +63,6 @@




            $this->register_action('plugin.password', array($this, 'password_init'));


            $this->register_action('plugin.password-save', array($this, 'password_save'));




            if (strpos($rcmail->action, 'plugin.password') === 0) {


                $this->include_script('password.js');


            }


        }


        else if ($rcmail->config->get('password_force_new_user')) {


            $this->add_hook('user_create', array($this, 'user_create'));


@@ -109,7 +105,8 @@


        $rcmail = rcmail::get_instance();


        $rcmail->output->set_pagetitle($this->gettext('changepasswd'));




        $confirm = $rcmail->config->get('password_confirm_current');


        $form_disabled   = $rcmail->config->get('password_disabled');


        $confirm         = $rcmail->config->get('password_confirm_current');


        $required_length = intval($rcmail->config->get('password_minimum_length'));


        $check_strength  = $rcmail->config->get('password_require_nonalpha');




@@ -196,15 +193,22 @@


            'password.passwordinconsistency'


        );




        $form_disabled = $rcmail->config->get('password_disabled');




        $rcmail->output->set_env('product_name', $rcmail->config->get('product_name'));


        $rcmail->output->set_env('password_disabled', !empty($form_disabled));




        $table = new html_table(array('cols' => 2));




        if ($rcmail->config->get('password_confirm_current')) {


            // show current password selection


            $field_id = 'curpasswd';


            $input_curpasswd = new html_passwordfield(array('name' => '_curpasswd', 'id' => $field_id,


                'size' => 20, 'autocomplete' => 'off'));


            $input_curpasswd = new html_passwordfield(array(


                    'name'         => '_curpasswd',


                    'id'           => $field_id,


                    'size'         => 20,


                    'autocomplete' => 'off',


            ));




            $table->add('title', html::label($field_id, rcube::Q($this->gettext('curpasswd'))));


            $table->add(null, $input_curpasswd->show());


@@ -212,16 +216,24 @@




        // show new password selection


        $field_id = 'newpasswd';


        $input_newpasswd = new html_passwordfield(array('name' => '_newpasswd', 'id' => $field_id,


            'size' => 20, 'autocomplete' => 'off'));


        $input_newpasswd = new html_passwordfield(array(


                'name'         => '_newpasswd',


                'id'           => $field_id,


                'size'         => 20,


                'autocomplete' => 'off',


        ));




        $table->add('title', html::label($field_id, rcube::Q($this->gettext('newpasswd'))));


        $table->add(null, $input_newpasswd->show());




        // show confirm password selection


        $field_id = 'confpasswd';


        $input_confpasswd = new html_passwordfield(array('name' => '_confpasswd', 'id' => $field_id,


            'size' => 20, 'autocomplete' => 'off'));


        $input_confpasswd = new html_passwordfield(array(


                'name'         => '_confpasswd',


                'id'           => $field_id,


                'size'         => 20,


                'autocomplete' => 'off',


        ));




        $table->add('title', html::label($field_id, rcube::Q($this->gettext('confpasswd'))));


        $table->add(null, $input_confpasswd->show());


@@ -244,20 +256,27 @@


            $rules = html::tag('ul', array('id' => 'ruleslist'), $rules);


        }




        if ($form_disabled) {


            $disabled_msg = is_string($form_disabled) ? $form_disabled : $this->gettext('disablednotice');


            $disabled_msg = html::div(array('class' => 'boxwarning', 'id' => 'password-notice'), $disabled_msg);


        }




        $submit_button = $rcmail->output->button(array(


                'command' => 'plugin.password-save',


                'type'    => 'input',


                'class'   => 'button mainaction',


                'label'   => 'save',


        ));




        $out = html::div(array('class' => 'box'),


            html::div(array('id' => 'prefs-title', 'class' => 'boxtitle'), $this->gettext('changepasswd')) .


            html::div(array('class' => 'boxcontent'), $table->show() .


            $rules .


            html::p(null,


                $rcmail->output->button(array(


                    'command' => 'plugin.password-save',


                    'type'    => 'input',


                    'class'   => 'button mainaction',


                    'label'   => 'save'


            )))));


            html::div(array('id' => 'prefs-title', 'class' => 'boxtitle'), $this->gettext('changepasswd'))


            . html::div(array('class' => 'boxcontent'),


                $disabled_msg . $table->show() . $rules . html::p(null, $submit_button)));




        $rcmail->output->add_gui_object('passform', 'password-form');




        $this->include_script('password.js');




        return $rcmail->output->form_tag(array(


            'id'     => 'password-form',


            'name'   => 'password-form',




 program/include/rcmail_output_html.php


@@ -1257,7 +1257,6 @@


            return '';


        }






        // try to find out the button type


        if ($attrib['type']) {


            $attrib['type'] = strtolower($attrib['type']);




 skins/classic/common.css


@@ -356,6 +356,16 @@


  background-color: #F2F2F2;


}




.boxcontent .boxwarning


{


  margin: 0 0 10px;


  display: block;


  min-height: 22px;


  background: url(images/display/icons.png) #EF9398 6px -95px no-repeat;


  border: 1px solid #DC5757;


  padding: 8px 10px 8px 46px;


}




.boxcontent table td.title


{


  color: #666;




 skins/larry/styles.css


@@ -1686,6 +1686,15 @@


    padding: 10px;


}




.boxcontent .boxwarning {


    margin: 0 0 10px;


    display: block;


    color: #960;


    border: 1px solid #ffdf0e;


    background: url(images/messages.png) #fef893 5px -85px no-repeat;


    padding: 6px 12px 6px 30px;


}




.contentbox .scroller {


    position: absolute;


    top: 34px;