1: <?php
2: /**
3: * The vpopmail class attempts to change a user's password for vpopmail based
4: * servers. It is very similar to the more generic sql driver, and the two
5: * should probably be merged into one driver if possible.
6: *
7: * Copyright 2002-2012 Horde LLC (http://www.horde.org/)
8: *
9: * See the enclosed file COPYING for license information (GPL). If you
10: * did not receive this file, see http://www.horde.org/licenses/gpl.php.
11: *
12: * @author Anton Nekhoroshikh <anton@valuehost.ru>
13: * @author Mike Cochrane <mike@graftonhall.co.nz>
14: * @author Ilya Krel <mail@krel.org>
15: * @author Tjeerd van der Zee <admin@xar.nl>
16: * @author Mattias Webjörn Eriksson <mattias@webjorn.org>
17: * @author Eric Jon Rostetter <eric.rostetter@physics.utexas.edu>
18: * @author Ralf Lang <lang@b1-systems.de>
19: * @package Passwd
20: */
21: class Passwd_Driver_Vpopmail extends Passwd_Driver
22: {
23: /**
24: * The Horde_Db object.
25: *
26: * @var Horde_Db_Adapter
27: */
28: protected $_db;
29:
30: /**
31: * State of SQL connection.
32: *
33: * @var boolean
34: */
35: protected $_connected = false;
36:
37: /**
38: * Constructor.
39: *
40: * @param array $params A hash containing connection parameters.
41: *
42: * @throws Passwd_Exception
43: */
44: public function __construct($params = array())
45: {
46: if (isset($params['db'])) {
47: $this->_db = $params['db'];
48: unset($params['db']);
49: } else {
50: throw new Passwd_Exception('Missing required Horde_Db_Adapter object');
51: }
52:
53: /* Use defaults from Horde. */
54: $this->_params = array_merge(
55: Horde::getDriverConfig('', 'sql'),
56: array('table' => 'horde_users',
57: 'encryption' => 'crypt',
58: 'name' => 'pw_name',
59: 'domain' => 'pw_domain',
60: 'passwd' => 'pw_passwd',
61: 'clear_passwd' => 'pw_clear_passwd',
62: 'use_clear_passwd' => false,
63: 'show_encryption' => false),
64: $params);
65: }
66:
67:
68: /**
69: * Finds out if a username and password is valid.
70: *
71: * @param string $username The username to check.
72: * @param string $old_password An old password to check.
73: *
74: * @throws Passwd_Exception
75: */
76: protected function _lookup($username, $old_password)
77: {
78: /* Only split up username if domain is set in backend configuration. */
79: if (!empty($this->_params['domain'])) {
80: list($name, $domain) = explode('@', $username);
81: } else {
82: $name = $username;
83: }
84:
85: /* Build the SQL query. */
86: $sql = 'SELECT ' . $this->_params['passwd'] .
87: ' FROM ' . $this->_params['table'] .
88: ' WHERE ' . $this->_params['name'] . ' = ?';
89: $values = array($name);
90: if ($this->_params['domain']) {
91: $sql .= ' AND ' . $this->_params['domain'] . ' = ?';
92: $values[] = $domain;
93: }
94:
95: /* Execute the query. */
96: try {
97: $result = $this->_db->selectOne($sql, $values);
98: } catch (Horde_Db_Exception $e) {
99: throw new Passwd_Exception($e);
100: }
101:
102: if (is_array($result)) {
103: $current_password = $result[$this->_params['passwd']];
104: } else {
105: throw new Passwd_Exception(_("User not found"));
106: }
107:
108: /* Check the passwords match. */
109: $this->_comparePasswords($current_password, $old_password);
110: }
111:
112: /**
113: * Modifies a SQL password record for a user.
114: *
115: * @param string $username The user whose record we will udpate.
116: * @param string $new_password The new password value to set.
117: *
118: * @throws Passwd_Exception
119: */
120: protected function _modify($username, $new_password)
121: {
122: /* Only split up username if domain is set in backend. */
123: if ($this->_params['domain']) {
124: list($name, $domain) = explode('@', $username);
125: } else {
126: $name = $username;
127: }
128:
129: /* Encrypt the password. */
130: $clear_password = $new_password;
131: $new_password = $this->_encryptPassword($new_password);
132:
133: /* Build the SQL query. */
134: $sql = 'UPDATE ' . $this->_params['table'] .
135: ' SET ' . $this->_params['passwd'] . ' = ?';
136: $values = array($new_password);
137: if ($this->_params['use_clear_passwd']) {
138: $sql .= ', ' . $this->_params['clear_passwd'] . ' = ?';
139: $values[] = $clear_password;
140: }
141: $sql .= ' WHERE ' . $this->_params['name'] . ' = ?';
142: $values[] = $name;
143: if ($this->_params['domain']) {
144: $sql .= ' AND ' . $this->_params['domain'] . ' = ?';
145: $values[] = $domain;
146: }
147:
148: /* Execute the query. */
149: try {
150: $this->_db->update($sql, $values);
151: } catch (Horde_Db_Exception $e) {
152: throw new Passwd_Exception($e);
153: }
154: }
155:
156: /**
157: * Changes the user's password.
158: *
159: * @param string $username The user for which to change the password.
160: * @param string $old_password The old (current) user password.
161: * @param string $new_password The new user password to set.
162: *
163: * @throws Passwd_Exception
164: */
165: public function changePassword($username, $old_password, $new_password)
166: {
167: /* Check the current password. */
168: $this->_lookup($username, $old_password);
169: $this->_modify($username, $new_password);
170: }
171: }
172: