It's Alessio Placitelli's playground
Postfix e cambio password utente Roundcube 0.2 Stable
The following hack allows users to change their own email password in roundcube 0.2-stable.
Updated: Thanks to Lukather from roundcubeforum.net a bug which wiped out email passwords has been fixed
Step 1. Modifying program\steps\settings\save_prefs.inc
Aproximately near line 28, there is a block where an array is declared. It starts with “$a_user_prefs = array(“. Just add the following line under the “‘prefer_html’ => isset($_POST['_prefer_html']) ? TRUE : FALSE,” line
// Password MOD 'password' => isset($_POST['_password']) ? TRUE : FALSE, // End Password MOD
Now after the “foreach ((array)$CONFIG['dont_override'] as $p)” near line 39, add the block which handles password saving to DB
// Password MOD
if (isset($_POST['_password']) && !empty($_POST['_password']))
{
$tmpEncPass = YourEncryptionFunctionHERE($_POST['_password'], "");
mysql_query("UPDATE CCC.TableWithPasswordHERE SET password = '".$tmpEncPass."' WHERE username = '".$_SESSION['username']."'")
or die(mysql_error());
$_SESSION['password'] = encrypt_passwd($_POST['_password']);
}
// End Password MOD
In case your database holds encrypted user passwords, put the name of the hashing function in place of YourEncryptionFunctionHERE. If you are storing MD5 hashes of the password in your database and the hashing function you use is md5, you would be writing that instead of YourEncryptionFunctionHERE. Don’t forget to change the query in mysql_query to make it work with your database.
Step 2. Modifying program\steps\settings\func.inc
Near line 161, look for “if ($table->size())“. Before this line, add the following block:
// Password MOD
$field_id = 'rcmfd_password';
$input_password = new html_inputfield(array('name' => '_password', 'id' => $field_id, 'size' => 20));
$table->add('title', html::label($field_id, /*Q(rcube_label('skin'))*/ 'Password'));
$table->add(null, $input_password->show());
// End Password MOD
Feel free to ask for help by writing a comment!
| Print article | This entry was posted by Alessio Placitelli on 11 February 2009 at 14:42, and is filed under Tips and Tricks. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site. |
English
about 1 year ago
Please help me how to set up step by step for user to change password in roundcube-0.2-stable. When change 2 file save and func then which file need change any more or file patch for this version ?
thank so much
about 1 year ago
I’m sorry, but I don’t think I understand your question
You just need to modify those two files I’ve talked about in the tutorial and you need to be sure that the UPDATE query reflects your database structure.
about 1 year ago
sorry because i’m not good in english, I modify 2 file save_prefs.inc and func.inc according to your tutorial but i’ve not seen password button in tab Personal Settings . please help me !
thanks
about 1 year ago
If nothing is shown in the Personal Settings page, then you made some mistake when modifying the func.inc file, since that file handles displaying the box… check it again, are you sure you added the code after the correct line?
about 1 year ago
It works for me only after i replace string 9 on this:
$_SESSION['password'] = $RCMAIL->encrypt_passwd($_POST['_password']);
about 1 year ago
Thank you for reporting that! Which Roundcube version are you using?
about 1 year ago
Sorry for my english. I’m full dummy in programming. But i need to ask you. I changed every thing as you say, but nofing changed in my RoundCube. Is in Your coding below name of database, or database user, becose i think, i need change this parameters (my hoster give name for my DB and user and it’s not odinary RCEmail DB name).
Thank you very mach for answer.
about 1 year ago
Hi Sergey, you need to change the “CCC.TableWithPasswordHERE ..” part with the name of your database in place of CCC and the name of the user table in place of TableWithPasswordHERE.
Both names depend on the mail agent you are using!
So
CCC = Name of the database
TableWithPasswordHERE = Name of the table containing user credentials
about 1 year ago
Thank you for answering, but it still not help me, becouse i don’t heve table wich have field “password”. I have field “preferences”, in it stored information about user (and password too). Pardon for took your time, i go look for some thing else. Thank you.