Created
February 17, 2014 09:15
-
-
Save tjarksaul/9047330 to your computer and use it in GitHub Desktop.
Script to change vbox user password on uberspace. Thanks to @_einstein_
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if($_SERVER["HTTPS"] != "on") { | |
| header("HTTP/1.1 301 Moved Permanently"); | |
| header("Location: https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]); | |
| exit(); | |
| } | |
| function setNewPassword($strMailbox, $strPassword) | |
| { | |
| $strPassword = utf8_decode($strPassword); | |
| $strCommand = 'vpasswd ' . $strMailbox; | |
| $descriptorspec = array( | |
| 0 => array("pipe", "r") | |
| ); | |
| $process = proc_open($strCommand, $descriptorspec, $pipes, NULL, NULL); | |
| if(is_resource($process)) { | |
| fwrite($pipes[0], $strPassword); | |
| fclose($pipes[0]); | |
| $return_value = proc_close($process); | |
| if($return_value == 0) { | |
| return true; | |
| } | |
| } | |
| return false; | |
| } | |
| $gotData = false; | |
| if(isset($_GET['gotData'])) { | |
| $gotData = (bool)$_GET['gotData']; | |
| if($gotData === true) { | |
| $name = (string)$_POST['mail']; | |
| $password = (string)$_POST['oldpw']; | |
| $newpw = (string)$_POST['newpw']; | |
| // TEST | |
| $mbox = @imap_open("{localhost:993/imap/ssl/novalidate-cert}", $name.'@meine-uberspacedomain.de', $password); | |
| if($mbox != false) { | |
| //Login korrekt: Passwort ändern | |
| setNewPassword($name, $newpw); | |
| echo '<h2 style="color: #0F0;">Passwort geändert!</h2><br />'; | |
| } else { | |
| echo '<h2 style="color: #F00;">Falsche Logindaten!</h2><br />'; | |
| } | |
| } | |
| } | |
| ?> | |
| <html> | |
| <head> | |
| <title>Passwort ändern</title> | |
| <meta charset="utf-8"> | |
| </head> | |
| <body> | |
| <h2>Passwort ändern</h2> | |
| <small>Hässliches Script, hauptsache es funzt ;-) HTTPS only.</small> | |
| <br /><br /> | |
| <form action="changemail.php?gotData=true" method="POST"> | |
| <table> | |
| <tr> | |
| <td>Name</td> | |
| <td><input type="text" name="mail"></td> | |
| <td>@meine-uberspacedomain.de</td> | |
| </tr> | |
| <tr> | |
| <td>Altes PW</td> | |
| <td><input type="password" name="oldpw"></td> | |
| <td></td> | |
| </tr> | |
| <tr> | |
| <td>Neues PW</td> | |
| <td><input type="password" name="newpw"></td> | |
| <td></td> | |
| </tr> | |
| <tr> | |
| <td></td> | |
| <td></td> | |
| <td><input type="submit" value="Ändern"></td> | |
| </tr> | |
| </table> | |
| </form> | |
| </body> | |
| </html> |
Thanks for this script!
I would suggest to escape the $strMailbox value before passing it to proc_open. It can be a high security risk if this script is public.
$strCommand = 'vpasswd ' . escapeshellarg($strMailbox);
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
thanks for your code.
I reused it to build a simple and working password change integration for Horde on Uberspace (https://github.com/OldShatterhand77/Uberspace-vmail.inc-for-Horde).
Hope that's ok for you :).