ispCP Password Changer

\\ \\ \\ \\ ====== E-mail, FTP, and SQL Password Changer ====== I needed the ability for user to be able to update their passwords in one easy location and without requiring the domain admin to change FTP or SQL passwords for users, so I created a PHP script that provides this functionality. The changer is based on [[howto:mail:change_webmailpass]]. I took that code and expanded it out to include a few features: * Ability for users to change E-mail, FTP, and SQL passwords * Removed requirement of adodb and used ispCP functions for db access * Added some Javascript/AJAX to check validity of the entered data You can easily remove the ability to change passwords by removing the appropriate entry as you may not want users to be able to chane their SQL/FTP password. I am by no means a proficient programmer, but feel free to update/modify/remove anything you like or let me know if something can be done better. I installed mine under tools/passwordchanger/index.php







ispCP Password Changer







  
    ispCP Password Changer
    
        
        
          
             Type:
            
          
          
             Username:
            
          
          
             Old Password:
            
          
          
             New Password:
            
          
          
             Repeat New:
            
          
          
            
            
          
        
      
    
  



fields[$sql_search_id];
  $user_db_pass = $sql_result->fields[$sql_search_pass];

  // Check if the username exists
  if ($sql_result->RecordCount() == 0)
  {
    echo ('Incorrect username or password. Please try again ');
    return false;
  }
  elseif ($sql_result->RecordCount() > 1)
  {
    echo ('
An error has occurred. Please contact the system administrator. ');
    return false;
  }
  // One entry found. Check if the old password match
  else
  {
    // check if the old passwords match
    // ftp passwords are stored a bit differently than e-mail and SQL
    if ($ptype == "ftp")
    {
      if (crypt($oldpass,$user_db_pass) == $user_db_pass)
        $pass_match = 1;
      else
        $pass_match = 0;
    }
    // Check e-mail and SQL users this way
    else
    {
      if (encrypt_db_password($oldpass) == $user_db_pass)
        $pass_match = 1;
      else
        $pass_match = 0;
    }

    if ($pass_match == 1)
    {

      //Encrypt the new passwords
      // ftp passwords are stored with crypt
      if ($ptype == "ftp")
      {
        $new_db_pass = crypt_user_pass_with_salt($newpass);
      }
      // otherwise md5 with e-mail and SQL
      else
      {
        $new_db_pass = encrypt_db_password($newpass);
      }
      // Perform the password update
      if ($ptype == "sql")
      {
        // Update ispCP SQL password
        $sql_result = execute_query($sql,'UPDATE ' . $sql_table . ' SET '. $sql_search_pass."='".$new_db_pass."'  WHERE ". $sql_search_id .'="'.$user_db_id.'" LIMIT 1');
        // update MYSQL login data
        $query =  execute_query($sql, 'SET PASSWORD FOR "' . $username. '"@"%" = PASSWORD("'.$newpass.'")');
        $query =  execute_query($sql, 'SET PASSWORD FOR "' . $username. '"@"localhost" = PASSWORD("'.$newpass.'")');
      }
      elseif ($ptype == "ftp")
        $sql_result = execute_query($sql,'UPDATE ' . $sql_table . ' SET '. $sql_search_pass."='".$new_db_pass."' WHERE ". $sql_search_id .'="'.$user_db_id.'" LIMIT 1');

      else
        $sql_result = execute_query($sql,'UPDATE ' . $sql_table . ' SET '. $sql_search_pass."='".$new_db_pass."', status='change' WHERE ". $sql_search_id .'="'.$user_db_id.'" LIMIT 1');

      //
      echo ('
Password changed. ');
      // Write event to admin logfile
      write_log($username . " changed " . $ptype . " password using passwordchanger tool");
      // Trigger the ispCP manager to update
      send_request();
    }
  }
  echo '';
}
?>

Type:
Username:
Old Password:
New Password:
Repeat New: