config->get('password_httpapi_url'); $method = $rcmail->config->get('password_httpapi_method', 'POST'); $var_user = $rcmail->config->get('password_httpapi_var_user'); $var_curpass = $rcmail->config->get('password_httpapi_var_curpass'); $var_newpass = $rcmail->config->get('password_httpapi_var_newpass'); $expect = $rcmail->config->get('password_httpapi_expect'); // Set the variables on the GET query string or POST vars $vars = []; if ($var_user) { $vars[$var_user] = $username; } if ($var_curpass) { $vars[$var_curpass] = $curpass; } if ($var_newpass) { $vars[$var_newpass] = $newpass; } $method = strtoupper($method); $params = []; if ($method == 'POST') { $params['form_params'] = $vars; } else if ($method == 'GET') { $params['query'] = $vars; } else { rcube::raise_error([ 'code' => 600, 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Invalid httpapi method", ], true, false ); return PASSWORD_CONNECT_ERROR; } try { $response = $client->request($method, $url, $params); $response_code = $response->getStatusCode(); $result = $response->getBody(); } catch (Exception $e) { rcube::raise_error([ 'code' => 600, 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: " . $e->getMessage() ], true, false ); return PASSWORD_CONNECT_ERROR; } // Non-2xx response codes mean the password change failed if ($response_code < 200 || $response_code > 299) { rcube::raise_error([ 'code' => 600, 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unexpected response code {$response_code}: " . substr($result, 0, 1024) ], true, false ); return ($response_code == 404 || $response_code > 499) ? PASSWORD_CONNECT_ERROR : PASSWORD_ERROR; } // If configured, check the body of the response if ($expect && !preg_match($expect, $result)) { rcube::raise_error([ 'code' => 600, 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: Unexpected response body: " . substr($result, 0, 1024) ], true, false ); return PASSWORD_ERROR; } return PASSWORD_SUCCESS; } }