From cb30556aafd6a0453f6bee972508d18b1348dcf3 Mon Sep 17 00:00:00 2001
From: jengo <jengo@alumni.egroupware.org>
Date: Wed, 25 Oct 2000 22:09:41 +0000
Subject: [PATCH] Update changepassword to work with LDAP

---
 admin/inc/accounts_ldap.inc.php | 24 ++--------------
 preferences/changepassword.php  | 49 ++++++++++++++++++++++++++-------
 2 files changed, 41 insertions(+), 32 deletions(-)

diff --git a/admin/inc/accounts_ldap.inc.php b/admin/inc/accounts_ldap.inc.php
index ed7f9adca5..9900e3db06 100644
--- a/admin/inc/accounts_ldap.inc.php
+++ b/admin/inc/accounts_ldap.inc.php
@@ -31,26 +31,6 @@
      }
      return $searchline;
   }
-
-  function descryptpass($userpass, $random)
-  {
-    $lcrypt = "{crypt}";
-    $password = crypt($userpass);
-    $ldappassword = sprintf("%s%s", $lcrypt, $password);
- 
-    return $ldappassword;
-  }
-
-  function md5cryptpass($userpass, $random)
-  {
-    $bsalt = "$1$";
-    $lcrypt = "{crypt}";
-    $modsalt = sprintf("%s%s", $bsalt, $random);
-    $password = crypt($userpass, $modsalt);
-    $ldappassword = sprintf("%s%s", $lcrypt, $password);
-  
-    return $ldappassword;
-  }
   
   // Not the best method, but it works for now.
   function account_total()
@@ -106,12 +86,12 @@
 
      if ($phpgw_info["server"]["ldap_encryption_type"] == "DES") {
         $salt = $phpgw->common->randomstring(2);
-        $account_info["passwd"] = descryptpass($account_info["passwd"], $salt);
+        $account_info["passwd"] = $phpgw->common->des_cryptpasswd($account_info["passwd"], $salt);
      }
 
      if ($phpgw_info["server"]["ldap_encryption_type"] == "MD5") {
         $salt = $phpgw->common->randomstring(9);
-        $account_info["passwd"] = md5cryptpass($account_info["passwd"], $salt);
+        $account_info["passwd"] = $phpgw->common->md5_cryptpasswd($account_info["passwd"], $salt);
      }
 
      // This method is only temp.  We need to figure out the best way to assign uidnumbers and
diff --git a/preferences/changepassword.php b/preferences/changepassword.php
index 85eed3a7d0..a4f7959da8 100755
--- a/preferences/changepassword.php
+++ b/preferences/changepassword.php
@@ -52,11 +52,13 @@ if (! $submit) {
     </table>
    </form>
    <br>
-   <pre><?php echo lang("note: This feature does *not* change your email password. This will "
-            		   . "need to be done manually."); ?>
-   </pre>
-<?php
-  $phpgw->common->phpgw_footer();
+   <?php
+     if ($phpgw_info["server"]["auth_type"] != "ldap") {
+        echo "<pre>" . lang("note: This feature does *not* change your email password. This will "
+            	   	   . "need to be done manually.") . "</pre>";
+     }
+     $phpgw->common->phpgw_footer();
+     
 } else {
    if ($n_passwd != $n_passwd_2)
       $error = lang("the two passwords are not the same");
@@ -70,14 +72,41 @@ if (! $submit) {
       exit;
    }
 
-   $phpgw->db->query("update accounts set account_pwd='" . md5($n_passwd) . "', "
-	              . "account_lastpwd_change='" . time() . "' where account_lid='"
-	              . $phpgw_info["user"]["userid"] . "'");
+   if ($phpgw_info["server"]["auth_type"] == "sql") {
+      $phpgw->db->query("update accounts set account_pwd='" . md5($n_passwd) . "' "
+	                  . "where account_lid='" . $phpgw_info["user"]["userid"] . "'");
+   }
+
+   if ($phpgw_info["server"]["auth_type"] == "ldap") {
+      $ldap = ldap_connect($phpgw_info["server"]["ldap_host"]);
+
+      if (! @ldap_bind($ldap, $phpgw_info["server"]["ldap_root_dn"], $phpgw_info["server"]["ldap_root_pw"])) {
+         echo "<p><b>Error binding to LDAP server.  Check your config</b>";
+         exit;
+      }
+
+      if ($phpgw_info["server"]["ldap_encryption_type"] == "DES") {
+         $salt = $phpgw->common->randomstring(2);
+         $n_passwd = $phpgw->common->des_cryptpasswd($n_passwd, $salt);
+      }
+      if ($phpgw_info["server"]["ldap_encryption_type"] == "MD5") {
+         $salt = $phpgw->common->randomstring(9);
+         $n_passwd = $phpgw->common->md5_cryptpasswd($n_passwd, $salt);
+      }
+      $entry["userpassword"] = $n_passwd;
+
+      $dn = sprintf("uid=%s, %s", $phpgw_info["user"]["userid"],$phpgw_info["server"]["ldap_context"]);
+      @ldap_modify($ldap, $dn, $entry);
+   }
 
    // Since they are logged in, we need to change the password in sessions
-   // in case they decied to check there mail.
+   // in case they decied to check there mail.   
    $phpgw->db->query("update sessions set session_pwd='" . $phpgw->common->encrypt($n_passwd)
-	              . "' where session_lid='" . $phpgw_info["user"]["userid"] . "'");
+	               . "' where session_lid='" . $phpgw_info["user"]["userid"] . "'");
+
+   // Update there last password change
+   $phpgw->db->query("update accounts set account_lastpwd_change='" . time() . "' where account_id='"
+   				. $phpgw_info["user"]["account_id"] . "'");
 
    Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"]
 	. "/preferences/","cd=18"));