On 4/4/2012 11:42 PM, Paul Lesniewski wrote: >>>>>> I am using Squirrelmail version 1.4.19 on Scientific Linux with Apache. >>>>>> I have configured change_pass plugin with squirrelmail with poppassd at >>>>>> the IMAP server, so my users can change passwords of their accounts. >>>>>> >>>>>> I have a requirement where user need to change his/her password on the >>>>>> first login. When we create account on IMAP server, we give a default >>>>>> password which need to be changed on first login. The user should not >>>>>> be >>>>>> allowed do anything like read mails, access address book etc.without >>>>>> changing the password. >>>>>> >>>>>> Please suggest how can I achieve this. >>>>> Take a look at the change_sqlpass plugin which has this feature. It >>>>> can be ported for the most part directly to the change_pass plugin, >>>>> however, you'll need to design a way for the plugin to determine which >>>>> users need to be forced to change their passwords. >>>>> >>>> Hi Paul, >>>> >>>> Thanks for your reply. >>>> >>>> I had a look at the change_sqlpass and change_pass plugin. I have also >>>> devised a mechanism to identify the user whose password need to be >>>> forcibly changed and developed a small plugin for this. I attached the >>>> plugin as 'webmail_top' hook. The problem is that as soon as the user >>>> logs in, my plugin prompts the user to change the password but the user >>>> is allowed to click on other links like INBOX, Compose etc and he has a >>>> choice not to change the password. >>>> >>>> What I want is that the user should not be able to do anything without >>>> changing the password. Please suggest how is that possible. >>> The change_sqlpass plugin is more restrictive, so as I suggested, >>> please refer to it. >>> >>> If you want to limit user actions even more than change_sqlpass >>> plugin, please have a look at the hook list in the plugin development >>> guidelines or grep the source for hooks in the places you need. >>> >> Thanks Paul, >> >> I got the idea from change_sqlpass plugin and registered my plugin in >> 'right_main_after_header' hook . Now I am able to prevent the links on the >> left_side to go my change password page. This fulfills my partial >> requirement as this does not stop user to click and use the menu items in >> right frame. Is there any hook like right_main_before_header (I could not >> find in documentation) which I can use to prevent user to use menu items in >> right frame as well. > The change_sqlpass plugin works as such because the presumption is > that the user is logging in to read email. They cannot read any email > until they change their password. They can change some user settings, > but the account is still useless until the password is changed. > > If you want more lockout, there are several ways to accomplish this, > but you're going to have to get more creative and familiar with the > code of the pages you wish to modify. There's always the > "generic_header" hook, but you should stay away from that as much as > possible in the name of performance. You can do things on the > "menuline" hook and each of the linked core pages on the menu line > will have hooks in them you can use. > Thanks a lot Paul, At this stage, it is fine to have these restriction as account is unusable until the user changes the password. I will dig deep in 'menuline' hook and other things if required. regards Sharma ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2 ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
