mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-23 07:09:20 +01:00
Started working on allowing md5 passwords to be sent from login.php
This commit is contained in:
parent
724d90feb7
commit
1dc787e40d
@ -151,7 +151,7 @@
|
||||
{
|
||||
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','code=5'));
|
||||
}
|
||||
$GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create($GLOBALS['login'],$GLOBALS['HTTP_POST_VARS']['passwd']);
|
||||
$GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create($GLOBALS['HTTP_POST_VARS']['login'],$GLOBALS['HTTP_POST_VARS']['passwd'],$GLOBALS['HTTP_POST_VARS']['passwd_type']);
|
||||
|
||||
if (! isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid'])
|
||||
{
|
||||
|
@ -18,6 +18,9 @@
|
||||
for new accounts.
|
||||
- Added global config option to deny users to access grants, usefull for ISPs
|
||||
- Merged patch for NIS auth - Thanks Dylan Adams <l0n@users.sourceforge.net>
|
||||
- login.php will now accept md5 passwords, if you not using email and have javascript
|
||||
enabled on your browser. Clear text passwords won't be sent over the wire. The javascript
|
||||
portion isn't complete yet, but will be before 0.9.14 is released. (REMOVE ME ONCE COMPLETE)
|
||||
|
||||
[0.9.12]
|
||||
- Note: These changelogs will only contain changes in the API (preferences, admin, etc)
|
||||
|
@ -28,12 +28,22 @@
|
||||
{
|
||||
var $previous_login = -1;
|
||||
|
||||
function authenticate($username, $passwd)
|
||||
function authenticate($username, $passwd, $passwd_type)
|
||||
{
|
||||
$db = $GLOBALS['phpgw']->db;
|
||||
|
||||
if ($passwd_type == 'text')
|
||||
{
|
||||
$_passwd = md5($passwd);
|
||||
}
|
||||
|
||||
if ($passwd_type == 'md5')
|
||||
{
|
||||
$_passwd = $passwd;
|
||||
}
|
||||
|
||||
$db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND "
|
||||
. "account_pwd='" . md5($passwd) . "' AND account_status ='A'",__LINE__,__FILE__);
|
||||
. "account_pwd='" . $_passwd . "' AND account_status ='A'",__LINE__,__FILE__);
|
||||
$db->next_record();
|
||||
|
||||
if ($db->f('account_lid'))
|
||||
|
@ -191,10 +191,12 @@
|
||||
. "'",__LINE__,__FILE__);
|
||||
}
|
||||
|
||||
function create($login,$passwd)
|
||||
function create($login,$passwd,$passwd_type)
|
||||
{
|
||||
$this->login = $login;
|
||||
$this->passwd = $passwd;
|
||||
$this->passwd_type = $passwd_type;
|
||||
|
||||
$this->clean_sessions();
|
||||
$login_array = explode('@', $login);
|
||||
$this->account_lid = $login_array[0];
|
||||
@ -214,7 +216,7 @@
|
||||
return False;
|
||||
}
|
||||
|
||||
if (! $GLOBALS['phpgw']->auth->authenticate($this->account_lid, $passwd))
|
||||
if (! $GLOBALS['phpgw']->auth->authenticate($this->account_lid, $this->passwd, $this->passwd_type))
|
||||
{
|
||||
return False;
|
||||
exit;
|
||||
|
@ -30,11 +30,10 @@
|
||||
<TD valign="BASELINES">
|
||||
|
||||
<FORM method="post" action="{login_url}">
|
||||
<input type="hidden" name="passwd_type" value="text">
|
||||
<TABLE border="0" align="CENTER" bgcolor="#486591" width="100%" cellpadding="0" cellspacing="0">
|
||||
<TR bgcolor="#e6e6e6">
|
||||
<TD colspan="2" align="CENTER">
|
||||
{cd}
|
||||
</TD>
|
||||
<TD colspan="2" align="CENTER">{cd}</TD>
|
||||
</TR>
|
||||
<TR bgcolor="#e6e6e6">
|
||||
<TD align="RIGHT"><font color="#000000">{lang_username}: </font></TD>
|
||||
@ -45,14 +44,10 @@
|
||||
<TD><input name="passwd" type="password"></TD>
|
||||
</TR>
|
||||
<TR bgcolor="#e6e6e6">
|
||||
<TD colspan="2" align="CENTER">
|
||||
<input type="submit" value="{lang_login}" name="submit">
|
||||
</TD>
|
||||
<TD colspan="2" align="CENTER"><input type="submit" value="{lang_login}" name="submit"></TD>
|
||||
</TR>
|
||||
<TR bgcolor="#e6e6e6">
|
||||
<TD colspan="2" align="RIGHT">
|
||||
<font color="#000000" size="-1">{version}</font>
|
||||
</TD>
|
||||
<TD colspan="2" align="RIGHT"><font color="#000000" size="-1">{version}</font></TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</FORM>
|
||||
|
Loading…
Reference in New Issue
Block a user