Postfix e cambio password utente Roundcube 0.2 Stable
by Alessio Placitelli on Feb.11, 2009, under Tips and Tricks
The following hack allows users to change their own email password in roundcube 0.2-stable.
Updated: Thanks to Lukather from roundcubeforum.net a bug which wiped out email passwords has been fixed
Step 1. Modifying program\steps\settings\save_prefs.inc
Aproximately near line 28, there is a block where an array is declared. It starts with “$a_user_prefs = array(“. Just add the following line under the “‘prefer_html’ => isset($_POST['_prefer_html']) ? TRUE : FALSE,” line
// Password MOD 'password' => isset($_POST['_password']) ? TRUE : FALSE, // End Password MOD
Now after the “foreach ((array)$CONFIG['dont_override'] as $p)” near line 39, add the block which handles password saving to DB
// Password MOD
if (isset($_POST['_password']) && !empty($_POST['_password']))
{
$tmpEncPass = YourEncryptionFunctionHERE($_POST['_password'], "");
mysql_query("UPDATE CCC.TableWithPasswordHERE SET password = '".$tmpEncPass."' WHERE username = '".$_SESSION['username']."'")
or die(mysql_error());
$_SESSION['password'] = encrypt_passwd($_POST['_password']);
}
// End Password MOD
In case your database holds encrypted user passwords, put the name of the hashing function in place of YourEncryptionFunctionHERE. If you are storing MD5 hashes of the password in your database and the hashing function you use is md5, you would be writing that instead of YourEncryptionFunctionHERE. Don’t forget to change the query in mysql_query to make it work with your database.
Step 2. Modifying program\steps\settings\func.inc
Near line 161, look for “if ($table->size())“. Before this line, add the following block:
// Password MOD
$field_id = 'rcmfd_password';
$input_password = new html_inputfield(array('name' => '_password', 'id' => $field_id, 'size' => 20));
$table->add('title', html::label($field_id, /*Q(rcube_label('skin'))*/ 'Password'));
$table->add(null, $input_password->show());
// End Password MOD
Feel free to ask for help by writing a comment!
9 Comments for this entry
1 Trackback or Pingback for this entry
-
Change password postfix+courier+mysql - Page 4 - RoundCube Webmail Forum
February 14th, 2009 on 17:48[...] the updated tutorial which makes the hack work on rc 0.2stable Updated Tutorial Last edited by Dexterp37; Yesterday at 08:02 PM.. Reason: Missing [...]
English
March 9th, 2009 on 9:06
Please help me how to set up step by step for user to change password in roundcube-0.2-stable. When change 2 file save and func then which file need change any more or file patch for this version ?
thank so much
March 9th, 2009 on 17:38
I’m sorry, but I don’t think I understand your question
You just need to modify those two files I’ve talked about in the tutorial and you need to be sure that the UPDATE query reflects your database structure.
March 10th, 2009 on 2:41
sorry because i’m not good in english, I modify 2 file save_prefs.inc and func.inc according to your tutorial but i’ve not seen password button in tab Personal Settings . please help me !
thanks
March 10th, 2009 on 13:57
If nothing is shown in the Personal Settings page, then you made some mistake when modifying the func.inc file, since that file handles displaying the box… check it again, are you sure you added the code after the correct line?
March 31st, 2009 on 21:14
It works for me only after i replace string 9 on this:
$_SESSION['password'] = $RCMAIL->encrypt_passwd($_POST['_password']);
March 31st, 2009 on 21:20
Thank you for reporting that! Which Roundcube version are you using?
May 20th, 2009 on 0:27
Sorry for my english. I’m full dummy in programming. But i need to ask you. I changed every thing as you say, but nofing changed in my RoundCube. Is in Your coding below name of database, or database user, becose i think, i need change this parameters (my hoster give name for my DB and user and it’s not odinary RCEmail DB name).
Thank you very mach for answer.
May 22nd, 2009 on 10:58
Hi Sergey, you need to change the “CCC.TableWithPasswordHERE ..” part with the name of your database in place of CCC and the name of the user table in place of TableWithPasswordHERE.
Both names depend on the mail agent you are using!
So
CCC = Name of the database
TableWithPasswordHERE = Name of the table containing user credentials
May 26th, 2009 on 5:37
Thank you for answering, but it still not help me, becouse i don’t heve table wich have field “password”. I have field “preferences”, in it stored information about user (and password too). Pardon for took your time, i go look for some thing else. Thank you.