* Admin/ImportExport: fixed import of already hashed passwords

2024-11-25 01:13:25 +01:00 · 2012-03-29 18:33:33 +00:00 · 2012-03-29 18:33:33 +00:00 · a3ada52adf
commit a3ada52adf
parent 545ffcf34e
4 changed files with 38 additions and 28 deletions
--- a/admin/inc/class.admin_cmd_edit_user.inc.php
+++ b/admin/inc/class.admin_cmd_edit_user.inc.php
@ -165,8 +165,11 @@ class admin_cmd_edit_user extends admin_cmd_change_pw
 				admin_cmd::$acl->delete_repository('preferences','nopasswordchange',$data['account_id']);
 			}
 		}
-		// for existing accounts we have to change the password explicitly (at least that's what the old UI does)
-		if($this->account && !is_null($this->password))
+		// if we have a password and it's not a hash, and auth_type != account_repository
+		if (!is_null($this->password) &&
+			!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$this->password) &&
+			!preg_match('/^[0-9a-f]{32}$/',$this->password) &&	// md5 hash
+			admin_cmd::$accounts->config['auth_type'] != admin_cmd::$accounts->config['account_repository'])
 		{
 			admin_cmd_change_pw::exec();		// calling the exec method of the admin_cmd_change_pw
 		}
--- a/admin/inc/class.admin_import_users_csv.inc.php
+++ b/admin/inc/class.admin_import_users_csv.inc.php
@ -79,9 +79,9 @@ class admin_import_users_csv implements importexport_iface_import_plugin  {
 	protected $errors = array();

 	/**
-         * List of actions, and how many times that action was taken
-         */
-        protected $results = array();
+	 * List of actions, and how many times that action was taken
+	 */
+	protected $results = array();

 	/**
 	 * imports entries according to given definition object.
@ -126,7 +126,7 @@ class admin_import_users_csv implements importexport_iface_import_plugin  {
 		$this->errors = array();

 		$lookups = array(
-			'account_status'        => array('A' => lang('Active'), '' => lang('Disabled'), 'D' => lang('Disabled')),
+			'account_status'	=> array('A' => lang('Active'), '' => lang('Disabled'), 'D' => lang('Disabled')),
 		);

 		while ( $record = $import_csv->get_record() ) {
@ -217,7 +217,7 @@ class admin_import_users_csv implements importexport_iface_import_plugin  {
 				return true;
 			default:
 				throw new egw_exception('Unsupported action');
-			
+
 		}
 	}

@ -286,27 +286,26 @@ class admin_import_users_csv implements importexport_iface_import_plugin  {
 	}

 	/**
-        * Returns errors that were encountered during importing
-        * Maximum of one error message per record, but you can append if you need to
-        *
-        * @return Array (
-        *       record_# => error message
-        *       )
-        */
-        public function get_errors() {
+	* Returns errors that were encountered during importing
+	* Maximum of one error message per record, but you can append if you need to
+	*
+	* @return Array (
+	*       record_# => error message
+	*       )
+	*/
+	public function get_errors() {
 		return $this->errors;
 	}

 	/**
-        * Returns a list of actions taken, and the number of records for that action.
-        * Actions are things like 'insert', 'update', 'delete', and may be different for each plugin.
-        *
-        * @return Array (
-        *       action => record count
-        * )
-        */
-        public function get_results() {
-                return $this->results;
-        }
-} // end of iface_export_plugin
-?>
+	* Returns a list of actions taken, and the number of records for that action.
+	* Actions are things like 'insert', 'update', 'delete', and may be different for each plugin.
+	*
+	* @return Array (
+	*       action => record count
+	* )
+	*/
+	public function get_results() {
+		return $this->results;
+	}
+}
--- a/phpgwapi/inc/class.accounts_ldap.inc.php
+++ b/phpgwapi/inc/class.accounts_ldap.inc.php
@ -569,7 +569,11 @@ class accounts_ldap
 		$utc_diff = date('Z');
 		if (isset($data['account_passwd']) && $data['account_passwd'])
 		{
-			if (!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$data['account_passwd']))	// if it's not already entcrypted, do so now
+			if (preg_match('/^[a-f0-9]{32}$/', $data['account_passwd']))	// md5 --> ldap md5
+			{
+				$data['account_passwd'] = setup_cmd_ldap::hash_sql2ldap($data['account_passwd']);
+			}
+			elseif (!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$data['account_passwd']))	// if it's not already entcrypted, do so now
 			{
 				$data['account_passwd'] = auth::encrypt_ldap($data['account_passwd']);
 			}
--- a/setup/inc/class.setup_cmd_ldap.inc.php
+++ b/setup/inc/class.setup_cmd_ldap.inc.php
@ -274,6 +274,10 @@ class setup_cmd_ldap extends setup_cmd
 		{
 			list(,$type,$hash) = $matches;
 		}
+		elseif (preg_match('/^[0-9a-f]{32}$/',$hash))
+		{
+			$type = 'md5';
+		}
 		switch(strtolower($type))
 		{
 			case 'plain':