Squirrelmail – change_sqlpass: Ubuntu 10.04 Lucid Lynx.

Problem: After success password change with the plugin change_sqlpass the next page is:

This page request could not be verified and appears to have expired.

This patch get it working on newer systems, for example on Ubuntu 10.04 Lucid Lynx.

--- change_sqlpass/functions_orig.php   2011-03-28 22:34:25.000000000 +0200
+++ change_sqlpass/functions.php    2011-03-28 22:37:29.000000000 +0200
@@ -474,7 +474,7 @@
    sqgetGlobalVar('csp_was_already_encrypted_port', $csp_was_already_encrypted_port, SQ_SESSION);
    sqgetGlobalVar('HTTP_HOST', $HTTP_HOST, SQ_SERVER);
    if (empty($base_uri)) $base_uri = sqm_baseuri();
-   $loc = $base_uri . 'src/options.php?optpage=xx&optmode=submit&csp_change_success=no';
+   $loc = $base_uri . 'src/options.php?optpage=xx&optmode=submit&csp_change_success=no&smtoken=' . sm_generate_security_token();
    if ($csp_was_already_encrypted_port == 443)
       $cancel_location = 'https://' . $HTTP_HOST . $loc;
    else if ($csp_was_already_encrypted_port)
@@ -538,6 +538,7 @@
       <tr>
          <td align="right" colspan="2">
             <input type="hidden" name="csp_submit_change" value="1">
+       <input type="hidden" name="smtoken" value="<?php echo sm_generate_security_token(); ?>">
             <input type="submit" value="<?php echo _("Submit"); ?>">
 
 
@@ -927,7 +928,7 @@
          if (!empty($csp_was_force_mode))
             $loc = $base_uri . 'src/right_main.php';
          else
-            $loc = $base_uri . 'src/options.php?optpage=xx&optmode=submit&csp_change_success=yes';
+            $loc = $base_uri . 'src/options.php?optpage=xx&optmode=submit&csp_change_success=yes&smtoken=' . sm_generate_security_token();
          if ($csp_was_already_encrypted_port == 443)
             $redirect_location = 'https://' . $HTTP_HOST . $loc;
          else if ($csp_was_already_encrypted_port)
avatar

About tompos

Hungary, Budapest
This entry was posted in IT. Bookmark the permalink.

Leave a Reply