/usr/share/postfixadmin/users/password.php is in postfixadmin 3.0.2-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 | <?php
/**
* Postfix Admin
*
* LICENSE
* This source file is subject to the GPL license that is bundled with
* this package in the file LICENSE.TXT.
*
* Further details on the project are available at http://postfixadmin.sf.net
*
* @version $Id: password.php 1842 2016-05-20 20:42:04Z christian_boltz $
* @license GNU GPL v2 or later.
*
* File: password.php
* Used by users to change their mailbox (and login) password.
* Template File: password.tpl
*
* Template Variables:
*
* none
*
* Form POST \ GET Variables:
*
* fPassword_current
* fPassword
* fPassword2
*/
$rel_path = '../';
require_once('../common.php');
authentication_require_role('user');
$username = authentication_get_username();
$pPassword_password_text = "";
$pPassword_password_current_text = "";
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (safepost('token') != $_SESSION['PFA_token']) die('Invalid token!');
if(isset($_POST['fCancel'])) {
header("Location: main.php");
exit(0);
}
$fPassword_current = $_POST['fPassword_current'];
$fPassword = $_POST['fPassword'];
$fPassword2 = $_POST['fPassword2'];
$error = 0;
$validpass = validate_password($fPassword);
if(count($validpass) > 0) {
flash_error($validpass[0]); # TODO: honor all error messages, not only the first one
$error += 1;
}
$mh = new MailboxHandler;
if(!$mh->login($username, $fPassword_current)) {
$error += 1;
$pPassword_password_current_text = $PALANG['pPassword_password_current_text_error'];
}
if (empty ($fPassword) or ($fPassword != $fPassword2))
{
$error += 1;
$pPassword_password_text = $PALANG['pPassword_password_text_error'];
}
if ($error == 0)
{
$mh->init($username); # TODO: error handling
if($mh->change_pw($fPassword, $fPassword_current) ) {
flash_info(Config::Lang_f('pPassword_result_success', $username));
header("Location: main.php");
exit(0);
}
else
{
flash_error(Config::Lang_f('pPassword_result_error', $username));
}
}
}
$smarty->assign ('SESSID_USERNAME', $username);
$smarty->assign ('pPassword_password_current_text', $pPassword_password_current_text, false);
$smarty->assign ('pPassword_password_text', $pPassword_password_text, false);
$smarty->assign ('smarty_template', 'password');
$smarty->display ('index.tpl');
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
?>
|