/usr/share/horde/passwd/lib/Driver/Http.php is in php-horde-passwd 5.0.2-3+deb8u1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 | <?php
/**
* Copyright 2000-2014 Horde LLC (http://www.horde.org/)
*
* See the enclosed file COPYING for license information (GPL). If you
* did not receive this file, see http://www.horde.org/licenses/gpl.
*
* @category Horde
* @copyright 2000-2014 Horde LLC
* @license http://www.horde.org/licenses/gpl GPL
* @package Passwd
*/
/**
* Driver to change a user's password via a web based interface.
*
* @author Michael Rubinsky <mrubinsk@horde.org>
* @author Michael Slusarz <slusarz@horde.org>
* @category Horde
* @copyright 2000-2014 Horde LLC
* @license http://www.horde.org/licenses/gpl GPL
* @package Passwd
*/
class Passwd_Driver_Http extends Passwd_Driver
{
/**
*/
protected function _changePassword($user, $oldpass, $newpass)
{
// Add the required fields that most web-based forms would use.
// Then add any fields that were passed in _params['fields'].
$post_data = array_merge(array(
$this->_params['username'] => $user,
$this->_params['oldPasswd'] => $oldpass,
$this->_params['passwd1'] => $newpass,
$this->_params['passwd2'] => $newpass
), $this->_params['fields']);
// Send the request
try {
$response = $GLOBALS['injector']->getInstance('Horde_Core_Factory_HttpClient')->create()->post($this->_params['url'], $post_data);
} catch (Horde_Http_Exception $e) {
throw new Passwd_Exception($e);
}
// Make sure we have a good response code
if ($response->code != 200) {
throw new Passwd_Exception(_("The requested website for changing user passwords could not be reached."));
}
// We got *some* response from the server, so get the content and
// let's see if we can't figure out if it was a success or not.
$body = $response->getBody();
if (strpos($body, $this->_params['eval_results']['badPass'])) {
throw new Passwd_Exception(_("Incorrect old password."));
}
if (strpos($body, $this->_params['eval_results']['badUser'])) {
throw new Passwd_Exception(_("The username could not be found."));
}
if (!strpos($body, $this->_params['eval_results']['success'])) {
throw new Passwd_Exception(_("Your password could not be changed."));
}
}
}
|