A day in the life…
Change Virutal User Password in Roundcube
************************************************ UPDATE *****************************************************************
THIS POST IS IRRELEVANT TO A CERTAIN POINT — THE NEWEST VERSION OF ROUDCUBE HAS A PASSWORD PLUGIN THAT PERFORMS THIS SAME ACTION. YOU STILL NEED TO EDIT THE SQL STRING TO UPDATE YOUR USERS TABLE ACCORDINGLY. PLEASE REFERENCE THE PLUGIN API OR ROUNDCUBE FORUM IF YOU HAVE ANY FURTHER QUESTIONS OR CONCERNS!!!
*************************************************************************************************************************
I have had quite a struggle over the past few weeks trying to get a good webmail client working properly for my email domains. In times past I have used Roundcube, but that was only with a single domain and UNIX based user accounts. My new setup was configured for virtual domains and virtual users and unfortunately I was struggling to get Roundcube functioning for me in this context. After several long nights I finally got an instance of Roundcube to represent each of my virtual domains. My relief quickly turned to despair as I realized that Roundcube didn’t have a plugin that allowed my users to change their encrypted database password. I certainly did not want the responsibility of knowing all my users passwords and having them email me whenever they wanted to change their password. I came to the conclusion that this was a deal breaker for me — I either had to find a way to allow my users to change their passwords independent of me via Roundcube or I was going to go back to SquirrelMail. In all fairness SquirrelMail has an awesome array of plugins and functionality that Roundcube doesn’t even begin to offer — BUT SquirrelMail is still running on Web 1.0 (aka it looks like a 1990′s webmail client).
After a lot of google searching and A LOT of failed attempts at getting Roundcube to change the user’s passwords I finally came upon some code that I was able to piece together and make work. This code is not written or maintained by me — credit goes to Nemesis02 and xul from the Roundcube forums as well as credit goes to Jonny Grover who helped me find a few misplaced quotation marks. So without further adieu here it is:
Requirements:
Working email server (either POP/IMAP and SMTP)
Working installation of Roundcube (version 0.2-stable)
Write access to your database server
Database that contains user names, domains and passwords
Write access to your Roundcube files
Ok we are going to start editing a few files so be patient.
1. Open roundcube/index.php
==========================================================Find [~ Line 188 ]
'settings' => array( 'folders' => 'manage_folders.inc', 'create-folder' => 'manage_folders.inc', 'rename-folder' => 'manage_folders.inc', 'delete-folder' => 'manage_folders.inc', 'subscribe' => 'manage_folders.inc', 'unsubscribe' => 'manage_folders.inc', 'add-identity' => 'edit_identity.inc', )
==========================================================Change it to say:
'settings' => array( 'folders' => 'manage_folders.inc', 'create-folder' => 'manage_folders.inc', 'rename-folder' => 'manage_folders.inc', 'delete-folder' => 'manage_folders.inc', 'subscribe' => 'manage_folders.inc', 'unsubscribe' => 'manage_folders.inc', 'add-identity' => 'edit_identity.inc', 'password' => 'password.inc', 'save-password' => 'password.inc', )
2. Open roundcube/program/js/app.js
==========================================================Find [ ~ Line 238 ]
case 'settings': this.enable_command("preferences", "identities", "save", "folders", true);==========================================================edit it to say:
case 'settings': this.enable_command("preferences", "identities", "save", "folders", "password", true);==========================================================Find this line [ ~ Line 239 ]
if(this.env.action=="identities"||this.env.action=="edit-identity"||this.env.action=="add-identity"){ this.enable_command("add",this.env.identities_level<2); this.enable_command("delete","edit",true); }==========================================================and then insert above it:
if (this.env.action=='password' || this.env.action=='save-password') { var input_current_password = rcube_find_object('_current_password'); var input_new_password = rcube_find_object('_new_password'); var input_repeat_password = rcube_find_object('_repeat_password'); if (input_current_password && input_current_password.value=='') input_current_password.focus(); else if (input_repeat_password) input_repeat_password.focus(); this.enable_command('save-password', true); }==========================================================Find this line [ ~ Line 904]
case 'delete-folder': this.delete_folder(props); break;==========================================================Insert after it the following:
case 'password': this.goto_url('password'); break; case 'save-password': var input_current_password = rcube_find_object('_current_password'); var input_new_password = rcube_find_object('_new_password'); var input_repeat_password = rcube_find_object('_repeat_password'); if ((input_new_password && input_new_password.value=='') && (input_repeat_password && input_repeat_password.value=='') || (input_current_password && input_current_password.value=='')) { alert(this.get_label('nopassword')); input_current_password.value=''; input_new_password.value=''; input_repeat_password.value=''; input_current_password.focus(); } else if ((input_new_password && input_repeat_password) && ( input_new_password.value != input_repeat_password.value)) { alert(this.get_label('passwordinconsistency')); input_new_password.value=''; input_repeat_password.value=''; input_new_password.focus(); } else this.gui_objects.editform.submit(); break;
3. Open program/localization/en_US/labels.inc
Insert at the end of the file:
$labels['changepassword'] = 'Change Password'; $labels['current_password'] = 'Current Password'; $labels['new_password'] = 'New Password'; $labels['repeat_password'] = 'Repeat Password';
4. Open program/localization/en_US/messages.inc
Insert at the end of the file:
$messages['nopassword'] = "Please input new password."; $messages['passwordinconsistency'] = "Inconsistency of password, please try again.";
5. Open program/localization/en_GB/labels.inc
Insert at the end of the file:
$labels['changepassword'] = 'Change Password'; $labels['current_password'] = 'Current Password'; $labels['new_password'] = 'New Password'; $labels['repeat_password'] = 'Repeat Password';
6. Open program/localization/en_GB/messages.inc
Insert at the end of the file:
$messages['nopassword'] = "Please input new password."; $messages['passwordinconsistency'] = "Inconsistency of password, please try again.";
7. Open skins/default/includes/settingstab.html
Insert at the end of the file:
<span id="settingstabpassword" class="tablink"><roundcube:button command="password" type="link" label="password" title="changepassword" class="tablink" /></span>
8. Create this file roundcube/skins/default/templates/password.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><roundcube:object name="pagetitle" /></title>
<roundcube:include file="/includes/links.html" />
<link rel="stylesheet" type="text/css" href="/settings.css" />
</head>
<body>
<roundcube:include file="/includes/taskbar.html" />
<roundcube:include file="/includes/header.html" />
<roundcube:include file="/includes/settingstabs.html" />
<div id="userprefs-box">
<div id="userprefs-title"><roundcube:label name="changepassword" /></div>
<div style="padding:15px">
<roundcube:object name="passwordform">
<p><br /><roundcube:button command="save-password" type="input" class="button" label="save" /></p>
</div>
</div>
<roundcube:include file="/includes/settingscripts.html" />
</body>
</html>
9. Create roundcube/program/steps/settings/password.inc
You MUST update the query string for your database tables and fields !!!
<?PHP /**************************************************************** * Roundcube password manager * works with v.2-stable /****************************************************************/ function rcube_password_form($attrib) { global $RCMAIL, $OUTPUT, $CONFIG; $a_show_cols = array( 'current_password' => array( 'type' => 'text'), 'new_password' => array( 'type' => 'text'), 'repeat_password' => array( 'type' => 'text')); list($form_start, $form_end) = get_form_tags($attrib, 'save-password', array() ); $out = "{$form_start}<table>\r\n\r\n"; foreach ($a_show_cols as $col => $colprop) { $label = strlen($colprop['label']) ? $colprop['label'] : $col; $value = rcmail_get_edit_field($col, '', $attrib + array('type' => 'password', 'size' => 30), $colprop['type']); $out .= sprintf("<tr><td class=\"title\"><label for=\"%s\">%s</label></td><td>%s</td></tr>\n", $attrib['id'], Q(rcube_label($label)), $value); } $out .= "\n</table>$form_end"; return $out; } function rcube_save_password($current_password,$new_password) { global $OUTPUT, $RCMAIL; $emailuser=$_SESSION['username']; $db = rcmail::get_instance()->get_dbh(); // YOU MUST CHANGE THIS QUERY LINE TO MATCH YOUR DATABASE SETTINGS !!!!! $passwordquery = "UPDATE database.table SET password_field =ENCRYPT('".$new_password."') WHERE user_name = '".$emailuser."';"; $db->query($passwordquery); $_SESSION['password'] = encrypt_password($new_password); $OUTPUT->show_message('successfullysaved', 'confirmation'); } function encrypt_password($pass) { if (function_exists('mcrypt_module_open') && ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, ""))) { $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); mcrypt_generic_init($td, rcmail::get_instance()->config->get_des_key(), $iv); $cypher = mcrypt_generic($td, $pass); mcrypt_generic_deinit($td); mcrypt_module_close($td); } else if (function_exists('des')) { $cypher = des(rcmail::get_instance()->config->get_des_key(), $pass, 1, 0, NULL); } else { $cypher = $pass; raise_error(array( 'code' => 500, 'type' => 'php', 'file' => __FILE__, 'message' => "Could not convert encrypt password. Make sure Mcrypt is installed or lib/des.inc is available" ), true, false); } return base64_encode($cypher); } $OUTPUT->set_pagetitle(rcube_label("changepassword")); $OUTPUT->add_handler('passwordform', 'rcube_password_form'); $OUTPUT->add_label('passwordinconsistency', 'nopassword'); switch ($RCMAIL->action) { case "password": $OUTPUT->send("password"); break; case "save-password": $curpass = get_input_value('_current_password', RCUBE_INPUT_POST, false); $newpass = get_input_value('_new_password', RCUBE_INPUT_POST, false); $repeatpass = get_input_value('_repeat_password', RCUBE_INPUT_POST, false); if ($newpass == $repeatpass && $_SESSION['password'] == encrypt_password($curpass)) rcube_save_password($curpass,$newpass); else $OUTPUT->show_message('errorsaving', 'error'); rcmail_overwrite_action("password"); $OUTPUT->send("password"); break; } ?>
Phew 
We are finally done. The change password functionality is available under the “Personal Settings” link. I have attached a screenshot below! Hope this works for you, if not please carefully go back and make sure you have copied the above code very carefully — one missed bracket, parenthesis or semi-colon can break the code!
Please feel free to post up any comments or questions!
| Print article | This entry was posted by Andy on December 21, 2008 at 18:41, and is filed under Geek. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site. |
- Change password for virtual users – RoundCube Webmail Forum
- SVN R1395 – cPanel Addons (Password, Forward & Vacation) – Page 4 – RoundCube Webmail Forum
- SVN R1395 – cPanel Addons (Password, Forward & Vacation) – Page 5 – RoundCube Webmail Forum
- Change Password for QmailAdmin / roundcube0.2stable – RoundCube Webmail Forum
- Logout when password changes – RoundCube Webmail Forum
- Vacation responder issue – RoundCube Webmail Forum
- Logout when password changes – RoundCube Webmail Forum
- v0.2.1 virtual users, change password – RoundCube Webmail Forum
- Cambiando Contraseña de usuarios Virtuales en Roundcube 0.2.2 | JotaDeveloper
cli wallpaper
about 5 hours ago - No comments
This is a cool wallpaper I came across that has some basic linux cli commands put together in a simple, but classy wallpaper. Enjoy. image courtesy of tuxtraining.com
Phun phones
about 2 months ago - 1 comment
This past weekend Tash and I decided that we were going to take advantage of the sweeeeeeet deal that T-mobile was running — you could get ANY T-mobile (in-store) phone for free with the activation of a new family plan (2 yr agreement). (http://www.cnet.com/8301-17918_1-20008120-85.html) For the last year we have been with Verizon Wireless and
DKIM + SPF + SMTP
about 2 months ago - 1 comment
How about those acronyms for ya? Ok so if you can’t tell this is going to be a geeky post — so you have been forewarned. Ok now that is out of the way lets clear the water with a few definitions: DKIM (DomainKeys Identified Mail) – lets an organization take responsibility for a
What your email address says about you
about 2 months ago - 1 comment
This was posted recently on theoatmeal.com. And it breaks down email addresses and points out what conclusions are being made about you based upon your electronic identity. We are in a technology age — whether you care to admit it or accept it doesn’t change the fact that it is. And in an age where
Lucid Lynx
about 4 months ago - No comments
Ubuntu 10.04 LTS is being released very soon! [ Current available version is the Release Candidate] As always there are tons of new features and much appreciated upgrades! Be first in line to grab your LTS copy!!
Server Security Scanner
about 5 months ago - 1 comment
One of the many sites I like to follow is ubuntugeek.com. Recently they have highlighted a security tool that I wanted to share with ya’ll. It is an automated vulnerability scanner that scans for the following: * Searching for worldwriteable files * Searching for worldwriteable directories * Searching for programs where the setuid is set
Lets talk about … L-I-N-U-X
about 5 months ago - No comments
At some point you gotta have the talk..
Got Virtual?
about 6 months ago - No comments
A geek with a budget. That can be frustrating. New geek toys aren’t cheap and old geek toys aren’t worth much. Welcome to my life . I am not complaining, I have an EXTREMELY understanding, wonderful and patient wife who tolerates my geek needs on a daily basis — I am so lucky as to have gotten a girl that tolerates
PBX Orgasm
about 6 months ago - 2 comments
*** UPDATE *** nerdvittles.com just released the INCREDIBLE PBX which now does not require you to open external facing ports on your router/firewall and fixes some instability with the Google voice scripts (also allows for multiple Google Voice accounts on the same server)!! For those of you who follow me (all 2 of you) you
about 1 year ago
For me on Version 0,2stable, it doesn’t work.
I get a white page, when i hit the password tab.
What could be wrong.
What means: “update the query string for your database tables and fields” ? What should i do ?
about 1 year ago
I am not sure why you are getting the white page — I would suggest looking over the code again to ensure you haven’t missed a closing bracket. I got this to to work using v0.2b — which is different than the recently updated “stable” version.
Update the query string refers to the password.inc file. There is a line that updates the actual database fields — this line must be edited to reflect your specific database table names and data fields. Without updating this query string you will not be able to actually change the password. Look for the line that says:
// YOU MUST CHANGE THIS QUERY LINE TO MATCH YOUR DATABASE SETTINGS !!!!!
$passwordquery = “UPDATE database.table SET password_field =ENCRYPT(‘”.$new_password.”‘) WHERE user_name = ‘”.$emailuser.”‘;”;
This is the line that must be adapted for your installation
about 1 year ago
You might also try referencing the newer code snippets as the developers update their pages — just search for Nemesis02 and his cPanel package — and then only use the files as mentioned above . . . let us know how it works !!
about 1 year ago
Same error Markus, white page in 0.2 Stable
Could give an example of what needs to be put to connect the database.
A fictitious example.
about 1 year ago
$passwordquery = “UPDATE database.table SET password_field =ENCRYPT(‘”.$new_password.”‘) WHERE user_name = ‘”.$emailuser.”‘;”; <– This is the query string
$passwordquery = “UPDATE email.users SET userpassword =ENCRYPT(‘”.$new_password.”‘) WHERE username = ‘”.$emailuser.”‘;”; <– this is a fictitious example.
database name = email
table name = users
password field name = userpassword [this is a field inside of the users table]
username field = username [this is a field also inside of the users table]
If you are still struggling to understand this string you might want to google SQL update queries to better familiarize yourself with SQL statements.
As far as the white page goes on the stable version all I can say is good luck. I don’t have the time at the moment to piece together the updated code, but if you find Nemesis02′s cPanel package and use his updated code, just substituting the SQL update statements as shown in this example you should be able to get it working with the stable version.
about 1 year ago
hey Andy,
thanks for the post.
can you teach me how to change the query line that match my database settings?
how can i know which one is match with the db settings?
thankss..
about 1 year ago
Kurt –
Database attributes are generally kept private because it is a security risk to expose your database’s internals. As such I do not feel comfortable posting on the blog your database’s schema. If you would like me to help you form a database query string then I request that you contact me privately at my email address. Once again, please keep in mind that exposing your database schema is a security risk and should only be done with careful forethought.
If you decide to go ahead and email me I will need you to provide me with your
1) Database name
2) Table names
3) ALL fields from your users table (this is the table that stores information about your users like username, password, etc etc)
Just click the “Contact” button at the top of the screen for my email.
about 1 year ago
Hi Andy, Thanks for your excellent documentation of this. I have tried to implement this and am still unable to get it to function for my vpopmail DB. There is an issue with selecting the proper user from the multiple tables of domains/users. I did find that on line 83 of the password.inc from above that changing the rcube_add_label to $OUTPUT->add_label stopped giving the white page. Also on the index.php page the includes names may have to be changed from passwd.inc to password.inc. If it is ok with you I would like to contact you about teaching me how to set up a DB query string for my installation. Thanks much..
about 1 year ago
myrrh
Thanks for pointing those fixes out — I have updated the index.php accordingly. I did not update the password.inc file because for my version 0.2b this config works. Which version are you using? In the near future I plan on updating to 0.2 stable and corresponding files, and will update the post as I have time to test the newer code.
I am willing to take a look at your query strings however as I noted above there is a significant security weakness in allowing someone access to your database schema.
about 1 year ago
UPDATED FOR VERSION 0.2-STABLE.
I have confirmed the above code is working, if it doesn’t work for you please go back and check to make sure you’ve followed all the instructions carefully!
about 1 year ago
Awesome! this was exactly what i was looking for and worked straight away.
One question though, How whould i redirect back to Inbox on successful password update?
about 1 year ago
Change Password for QmailAdmin / roundcube0.2stable
alter function ( roundcube/program/steps/settings/password.inc ):
[PHP]
function rcube_save_password($current_password,$new_password)
{
global $OUTPUT, $RCMAIL;
$emailuser=$_SESSION['username'];
//$db = rcmail::get_instance()->get_dbh();
// YOU MUST CHANGE THIS QUERY LINE TO MATCH YOUR DATABASE SETTINGS !!!!!
//$passwordquery = “UPDATE database.table SET password_field =ENCRYPT(‘”.$new_password.”‘) WHERE user_name = ‘”.$emailuser.”‘;”;
//$db->query($passwordquery);
//console(“email: $emailuser”);
//console(“current password: $current_password”);
//console(“New password: $new_password”);
//set POST variables
$url = ‘http://localhost/qmailadmin/index.cgi/passwd/’;
$fields = array(
‘address’=>urlencode($emailuser),
‘oldpass’=>urlencode($current_password),
‘newpass1′=>urlencode($new_password),
‘newpass2′=>urlencode($new_password),
);
//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.’=’.$value.’&’; }
rtrim($fields_string,’&’);
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST,count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS,$fields_string);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
curl_setopt($ch, CURLOPT_HEADER,0); // DO NOT RETURN HTTP HEADERS
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // RETURN THE CONTENTS OF THE CALL
//execute post
//console(“Curl: $url$fields_string”);
$result = curl_exec($ch);
ob_start();
header(“Content-Type: text/html”);
$Temp_Output = ltrim(rtrim(trim(strip_tags(trim(preg_replace ( “/\s\s+/” , ” ” , html_entity_decode($result)))),”\n\t\r\h\v “)), “%20″);
$Temp_Output = ereg_replace (‘ +’, ‘ ‘, trim($Temp_Output));
$Temp_Output = ereg_replace(“[\r\t\n]“,”",$Temp_Output);
/* The \b in the pattern indicates a word boundary, so only the distinct
* word “web” is matched, and not a word partial like “webbing” or “cobweb” */
if (preg_match(“/\bsuccessfully\b/i”, $Temp_Output)) {
//console (“Temp_Out : $Temp_Output”);
$_SESSION['password'] = encrypt_password($new_password);
$OUTPUT->show_message(‘successfullysaved’, ‘confirmation’);
} else {
//console (“Temp_Out : $Temp_Output”);
$error_msg= explode(‘:’,$Temp_Output);
//console (“Error msg : $error_msg[0]“);
$OUTPUT->show_message(“$error_msg[0]“, ‘error’);
//$OUTPUT->show_message(‘errorsaving’, ‘error’);
}
//console (“Temp_Out : $Temp_Output”);
$Final_Out=ob_get_clean();
//console (“Final_Out : $Final_Out”);
//close connection
curl_close($ch);
}
[/PHP]
about 1 year ago
ther’s some *** Debug ** (console) – delete that
it works
with QmailAdmin : qmailadmin-toaster-1.2.11-1.3.4 (Centos 5.2)
about 1 year ago
I hove found this for my MYSQL+QMAIL+VPOPMAIL and it worked!!
http://www.roundcubeforum.net/plug-ins/4286-new-file-added-qmail-mysql-vpopmail-password-change-patch-v1-0-a.html
about 1 year ago
Charlie
I would use Javascript to redirect the URL back to the inbox after successful password change.
about 1 year ago
Thx for this man from Russia – all working
Спасибо
about 1 year ago
I made the modifications, pages seems perfect..
“Successfully saved” message apears when I try to change password..
But the password dont changes..
where could be the problem here?
about 1 year ago
I would look at your error log in the roundcube log folder — I suspect that there is some SQL errors. You need to make sure your roundcube user has the proper permissions to update your email user database.
about 1 year ago
Thanks a million for your easy to understand step-by-step tutorial! I followed your directions and got everything to work on the first run with the exception of one thing… My sql db does not have a password field so I was unable to specify the password_field name? I’m at a loss as to where to go from here. Any help would be greatly appreciated. P.S. I’m on shared host
about 1 year ago
im using roundcube 0.2.1 with hmailserver 5.
your tutorial was great, but i still having error as Medamaoyaji having. I check the logs and it give me this:
[13-Apr-2009 22:21:41] MDB2 Error: null value violates not-null constraint (-29): _doQuery: [Error message: Could not execute statement]
[Last executed query: UPDATE hmail.hm_accounts SET accountpassword = ENCRYPT('a') WHERE accountaddress = 'admin@localhost.com';]
[Native code: 1048]
[Native message: Column 'accountpassword' cannot be null]
[13-Apr-2009 14:21:41 +0000] DB Error: MDB2 Error: null value violates not-null constraint Query: _doQuery: [Error message: Could not execute statement] [Last executed query: UPDATE hmail.hm_accounts SET accountpassword = ENCRYPT('a') WHERE accountaddress = 'admin@localhost.com';] [Native code: 1048] [Native message: Column 'accountpassword' cannot be null] in C:\xampp\htdocs\roundcubemail\program\include\rcube_mdb2.php on line 539 (POST /roundcubemail/?_task=settings&_action=save-password)
im pretty sure that my sql command are right..is it because of the encryption is not working? i still dont have a clue why the ENCRYPT function didnt return a value..any help are appreciated.
about 1 year ago
Fred
As the error indicates there is a problem with the accountpassword field being empty, which it cannot be.
If it were me I would try to print some of your variables out to the screen to make sure they are not null.
For example, try printing to your screen $newpassword and make sure that it actually contains the new password string.
I would also try your SQL string directly against the database either from the console or from phpmyadmin and make sure you are updating the correct fields on the right tables.
Make sure you have the mysql-encrypt dependecies installed as well.
about 1 year ago
andy,
i have try to output all the password and found out that all of it are not null. i have also try to run the update sql command and it work in mysql. How do i check that mysql-encrypt is installed?
thanks
about 1 year ago
depends on what system you are using. Most linux distributions have some sort of repository manager that will list installed packages. However if the update statement (with the included ENCRYPT call) works directly against your SQL server then you do have the encrypt function installed. If that is the case then the only thing I can think of is that there is something that is happening in the password.inc file that shouldn’t be. Please carefully check this code to ensure that it is exactly as I have it shown. Also ensure that your roundcube user has the proper permissions on your mail database so that it can update your user table.
about 1 year ago
Hi Guy,
I have followed all steps but the PW button does not react if I click on it.
Where can I find:
[password.html]
/includes/taskbar.html
/includes/header.html
/includes/settingstabs.html
/includes/settingscripts.html
Regards,
Jan
about 1 year ago
The files can be found in the from the base folder of roundcube –> /skins/default/includes. If you are using a different theme then it will be the corresponding themes folder. I am not sure why your button isn’t working, please carefully check your code to make sure you have done everything correctly.
about 1 year ago
Do you have this working for v0.2.1??
I’ve tried fiddling with it, but there is new code (the settings array looks different, etc), and I can only get a blank page when clicking the password tab.
Thanks!
about 1 year ago
dan
I have not looked at the v0.2.1 code yet, but in the coming weeks I will find the time to take a look.
about 1 year ago
how it’s work with hmailsever?
about 1 year ago
please view this link
http://www.roundcubeforum.net/plug-ins/4699-change-password-hmailserver-5-1-a.html
about 1 year ago
Hello,
I’m using qmail with vpopmail and roundcube but WITHOUT mysql. Can anyone help me in finding a way for a user to change his password through roundcube ?
Thanks in advance.
about 1 year ago
Dear Sir,
There is no settingscripts.html file in the include folder. Could it be the error.
about 1 year ago
Good catch. This file does not exist in the includes folder
about 1 year ago
Thanks. Working 100% for me.
about 1 year ago
what sql command to give permissions roundcube users to update vpopmail database. this is my database name
vpopmail databases name: vpopmail
vpopmail username : vopmailuser
roundcube databases name : roundcubemail
roundcube username : roundcubemail
Thanks
about 1 year ago
You need to give the proper privileges to the roundcube user on your vpopmail database.
Please refer to the following documentation:
http://dev.mysql.com/doc/refman/5.1/en/privileges-provided.html
Specifically the part where it gives the syntax for granting privileges:
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, ALTER, CREATE TEMPORARY TABLES ON tmp.* TO user@localhost;
Be careful in that you don’t grant more privileges than what is absolutely necessary (security reasons). Depending on how your implementation of roundcube is configured will determine what permissions you need to grant; to change the password, the roundcube user should only require the update privilege.
about 1 year ago
I can’t install roundcube on my Mail Server. So, my qmail Databse is not on my roundcube server.
Am i need a new connection string for change password?
Please help me solve it.
about 1 year ago
Hi Andy,
I want to say THANK YOU! Your tutorial is GREAT, Change pass look and work PERFECT!
Great job, Thanx again.
Regards, Frost
about 1 year ago
Hi Andy,
Great works and thx!
some when i click the password button is nothing happen.it wont go anywhere pls help!!
about 1 year ago
I am sorry but I do not understand what you are asking. Please be clear and concise in your phrasing.
about 1 year ago
Hi there, Andy
First of all, great tutorial, easy to understand, even for a noob like me.
OKay, so it seems i have an issue, just like another poster before me.
When i change the password, it gives me the message that everything went fine, the password changes, but it’s not the one that i set up. Seems like the encryption is not what it’s supposed to be, I guess…
Any advice on that?
about 1 year ago
Hi Andy.
had a problem with the encryption done on the password in your script.
My users/passwords are stored a mysql db with md5-encrypt encrypted passwords (postfixadmin), and couldn’t make your script to do that type of encryption.
After abt six hours or so of googling (given the fact that I know next to zero about mysql, php or any other type of programming for that matter) I stumbled upon an article, gave me a hint, I tried it out, and it seems to work. Just wanted to share it with the people that want to give your script/plugin a try, Here goes:
At the $passwordquery bit, in password.inc file, put this bit of code right after ‘”.$new_password.”
,concat(_utf8′$1$’,right(md5(rand()),8),_utf8′$’)
This will actually encrypt the new password in md5-crypt.
Thanks again for this great plugin!
about 1 year ago
I can only assume that the problem was fixed as per your comment below
.
Thanks for sharing!
about 1 year ago
I liked reading your blog…keep up the good work.
about 9 months ago
I keep getting the following error in the log when trying this with the newest version of roundcubemail….
[14-Dec-2009 09:31:34] PHP Fatal error: Call to undefined method rcube_config::get_des_key() in /var/www/mail/program/steps/settings/password.inc on line 57
What could be the problem? Could they have changed something in the newer version that breaks this great code…just a side note it worked fine in my previous version just want to try to get it to work in the newest version becasue this is a great add on.
about 9 months ago
Travis
The newest version of Roundcube is siginificantly different that then version that this code was designed for. The new roundcube now implements the plugin API. As such unfortunately this code will not work with the newest version. I have not had time to update it. But if you are up to the task, please feel free to do so.
about 9 months ago
I would but I know very little about javascript. Just hoping there might be and easy fix, everything works except for this, and it goes to programming error page (http 500)