i finnally nailed the bug. the driver for ispcp 1.0.7 has a function which expects two parameters, the current and the new password. the current password parameter is being processed but never really used. BUT the ispcp password plugin calls password_save with only one argument and the new password ($password) stays empty. so that's never going to work that way...
solution:
remove the first parameter $curpass and comment all lines that use it in the 1.0.7 driver.
in the ispcp_pw_changer.php change the line (somewhere round line 88)
PHP Code:
if (!($res = $this->_save($newpass))) {
to
PHP Code:
if (!($res = $this->_save($newpwd))) {
since password_save already encrypts the password and some lines above the password is encrypted also, we would end up with double encryption.
for the author of the plugin:
* please fix the above
* take your time to release a bundled version of the plugin containing both drivers or put it on github or whatever.
* clean the code and don't use function names multiple times like password_save, that's pretty confusing
Thx for your time,
Florian Reinhard
Search
Member List
Calendar
Help
/
[HowTo] Password Change Roundcube 0.5 (and 0.4.2)
