<?php
/*
* ispcp Password Changer
* author: dolomike
* translation: Gleno0h
* language: Dutch
* Version: 0.1
*
* Feel free to modify and distribute
*
* Based on http://www.isp-control.net/documentation/doku.php?id=howto:mail:change_webmailpass
* Modified to allow password changes to e-mail, ftp, and SQL users
* Does not require adodb but uses built in ispCP functions
* Added javascript to check password entry requirements before submit
*/
require '../../include/ispcp-lib.php';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>IspCP Wachtwoord Veranderen</title>
<meta name="robots" content="noindex,nofollow">
<link rel="stylesheet" type="text/css" href="/webmail/themes/css/omega.css">
<style type="text/css">
<!--
body, td, input, select, textarea {
font-family:Tahoma, Geneva, sans-serif;
font-size:9px;
}
input, textarea, select {
border:#7f9db9 1px solid;
padding:0px;
}
-->
</style>
<script type="text/javascript">
function checkForm(form)
{
// Check of de gebruikersnaam leeg is
if(form.username.value == "") {
alert("Error: Gebruikersnaam is leeg");
form.username.focus();
return false;
}
// Check of er ongeldige tekens in de gebruikersnaam gebruikt worden
//if (form.ptype.value != "sql")
//{
// re = /^\w+$/;
// if(!re.test(form.username.value)) {
// alert("Error: Gebruikersnaam mag alleen letters, cijfers en sommige tekens bevatten.");
// form.username.focus();
// return false;
// }
//}
// Check of het oude wachtwoord veld leeg is
if(form.oldpass.value == "") {
alert("Error: Oude wachtwoord niet ingevult.");
form.oldpass.focus();
return false;
}
// Check of het nieuwe wachtwoord veld leeg is
if(form.newpass.value == "") {
alert("Error: Nieuw wachtwoord niet ingevult.");
form.newpass.focus();
return false;
}
// Check of het nieuwe herhaalde wachtwoord veld leeg is
if(form.newpassr.value == "") {
alert("Error: Please repeat the new password!");
form.newpassr.focus();
return false;
}
// Er zeker van zijn dat het wachtwoord minstens 1 cijfer heeft
re = /[0-9]/;
if(!re.test(form.newpass.value)) {
alert("Error: het wachtwoord moet minstens 1 cijfer hebben (0-9)!");
form.newpass.focus();
return false;
}
// Er zeker van zijn dat het wachtwoord minsten 1 kleine letter heeft
re = /[a-z]/;
if(!re.test(form.newpass.value)) {
alert("Error: het wachtwoord moet minimaal 1 kleine letter hebben (a-z)!");
form.newpass.focus();
return false;
}
// Check of de wachtwoord lengte klopt
if (form.ptype.value == "sql")
{
if((form.newpass.value.length < 1) || (form.newpass.value.length > 32)) {
alert("Error: Wachtwoord moet tussen 1 en 32 tekens hebben");
form.newpass.focus();
return false;
}
}
else
{
if((form.newpass.value.length < 6) || (form.newpass.value.length > 15)) {
alert("Error: Wachtwoord moet tussen 6 en 15 tekens hebben");
form.newpass.focus();
return false;
}
}
// Check of de nieuwe wachtwoorden overeen komen
if(form.newpass.value != form.newpassr.value) {
alert("Error: Nieuwe wachtwoord komen niet overeen");
//form.newpass = "";
// form.newpassr = "";
form.newpassr.focus();
return false;
}
//Extra:
// re = /[A-Z]/;
// if(!re.test(form.pwd1.value)) {
// alert("Error: wachtwoord moet minstens 1 hoofdletter hebben (A-Z)!");
// form.pwd1.focus();
// return false;
// }
// }
// Geen problemen, accepteer dan de verandering en stuur het door naar IspCP
return true;
}
</script>
</head>
<body bgcolor="#FFFFFF" text="#000000" link="#000000" vlink="#000000" alink="#000000">
<form action="" method="post" name="login_form" onSubmit="return checkForm(this);">
<div id="container">
<h1>Wachtwoord veranderen</h1>
<fieldset class="login">
<p class="login">
<table cellpadding="0" cellspacing="0" style="color:#CCC">
<tr>
<td align ="left"> <strong>Type:</strong></td>
<td><select name="ptype" style="width:130px;"/>
<option value="e-mail">E-Mail Wachtwoord</option>
<option value="ftp">FTP Wachtwoord</option>
<option value="sql">SQL Wachtwoord</option>
</td>
</tr>
<tr>
<td align="left"> <strong>Gebruikersnaam:</strong></td>
<td><input type="text" name="username" style="width:130px;"/></td>
</tr>
<tr>
<td align="left"> <strong>Oude wachtwoord:</strong></td>
<td><input type="password" name="oldpass" style="width:130px;"/></td>
</tr>
<tr>
<td align="left"> <strong>Nieuwe wachtwoord:</strong></td>
<td><input type="password" name="newpass" style="width:130px;" maxlength="15"/></td>
</tr>
<tr>
<td align="left"> <strong>Herhaal wachtwoord:</strong></td>
<td><input type="password" name="newpassr" style="width:130px;" maxlength="15"/></td>
</tr>
<tr>
<td align="left"></td>
<td><input type="submit" name="changepass" value="Verander!" /></td>
</tr>
</table>
</p>
</fieldset>
</div>
</form>
// Verder geen vertaling nodig qua mysql connectie etc. Scroll verder voor de error berichten.
<?php
// Ensure all the required values are passed in
if(isset($_POST['changepass'])=='Change'&&!empty($_POST['username'])&&!empty($_POST['oldpass'])&&!empty($_POST['newpass'])&&!empty($_POST['newpassr']))
{
// assign the username, password and type to variables
if(isset($_POST['username']))$username=$_POST['username'];
if(isset($_POST['oldpass']))$oldpass=($_POST['oldpass']);
if(isset($_POST['newpass']))$newpass=($_POST['newpass']);
if(isset($_POST['ptype']))$ptype=($_POST['ptype']);
// populate the SQL parameters based on type of password being changed
switch ($ptype)
{
case "e-mail":
$sql_table = "mail_users";
$sql_search_id = "mail_id";
$sql_search_field = "mail_addr";
$sql_search_pass = "mail_pass";
break;
case "ftp":
$sql_table = "ftp_users";
$sql_search_id = "userid";
$sql_search_field = "userid";
$sql_search_pass = "passwd";
break;
case "sql":
$sql_table = "sql_user";
$sql_search_id = "sqlu_id";
$sql_search_field = "sqlu_name";
$sql_search_pass = "sqlu_pass";
break;
}
// Run the SQL command to find the user and password
$sql_result = execute_query($sql,'SELECT ' . $sql_search_id . ', ' . $sql_search_pass.' FROM '. $sql_table.' WHERE '. $sql_search_field .'= "' .$username.'"');
// store the result for later processing
$user_db_id = $sql_result->fields[$sql_search_id];
$user_db_pass = $sql_result->fields[$sql_search_pass];
// Bekijk of de gebruikersnaam bestaat
if ($sql_result->RecordCount() == 0)
{
echo ('<p align="center" style="color:#F00">Incorrecte gebruikersnaam of wachtwoord, probeer opnieuw. ');
return false;
}
elseif ($sql_result->RecordCount() > 1)
{
echo ('<p align="center" style="color:#F00">Er is een error opgetreden, neem contact op met de systeembeheerder(s). ');
return false;
}
// One entry found. Check if the old password match
else
{
// check if the old passwords match
// ftp passwords are stored a bit differently than e-mail and SQL
if ($ptype == "ftp")
{
if (crypt($oldpass,$user_db_pass) == $user_db_pass)
$pass_match = 1;
else
$pass_match = 0;
}
// Check e-mail and SQL users this way
else
{
if (encrypt_db_password($oldpass) == $user_db_pass)
$pass_match = 1;
else
$pass_match = 0;
}
if ($pass_match == 1)
{
//Encrypt the new passwords
// ftp passwords are stored with crypt
if ($ptype == "ftp")
{
$new_db_pass = crypt_user_pass_with_salt($newpass);
}
// otherwise md5 with e-mail and SQL
else
{
$new_db_pass = encrypt_db_password($newpass);
}
// Perform the password update
if ($ptype == "sql")
{
// Update ispCP SQL password
$sql_result = execute_query($sql,'UPDATE ' . $sql_table . ' SET '. $sql_search_pass."='".$new_db_pass."' WHERE ". $sql_search_id .'="'.$user_db_id.'" LIMIT 1');
// update MYSQL login data
$query = execute_query($sql, 'SET PASSWORD FOR "' . $username. '"@"%" = PASSWORD("'.$newpass.'")');
$query = execute_query($sql, 'SET PASSWORD FOR "' . $username. '"@"localhost" = PASSWORD("'.$newpass.'")');
}
elseif ($ptype == "ftp")
$sql_result = execute_query($sql,'UPDATE ' . $sql_table . ' SET '. $sql_search_pass."='".$new_db_pass."' WHERE ". $sql_search_id .'="'.$user_db_id.'" LIMIT 1');
else
$sql_result = execute_query($sql,'UPDATE ' . $sql_table . ' SET '. $sql_search_pass."='".$new_db_pass."', status='change' WHERE ". $sql_search_id .'="'.$user_db_id.'" LIMIT 1');
//
echo ('<p align="center" style="color:green">Wachtwoord veranderd!<br>Vergeet niet uw wachtwoord te noteren! ');
// Write event to admin logfile
write_log($username . " changed " . $ptype . " wachtwoord door het wachtwoord tool");
// Trigger the ispCP manager to update
send_request();
}
}
echo '</p>';
}
?>
</body>
</html>
Search
Member List
Calendar
Help
/
E-mail, FTP, and SQL Password Changer - Updated
