* Admin/ImportExport: fixed import of already hashed passwords

2024-11-28 19:03:14 +01:00 · 2012-03-29 18:33:33 +00:00 · 2012-03-29 18:33:33 +00:00 · a3ada52adf
commit a3ada52adf
parent 545ffcf34e
4 changed files with 38 additions and 28 deletions
--- a/admin/inc/class.admin_cmd_edit_user.inc.php
+++ b/admin/inc/class.admin_cmd_edit_user.inc.php
@ -165,8 +165,11 @@ class admin_cmd_edit_user extends admin_cmd_change_pw
 				admin_cmd::$acl->delete_repository('preferences','nopasswordchange',$data['account_id']);
 			}
 		}
-		// for existing accounts we have to change the password explicitly (at least that's what the old UI does)
-		if($this->account && !is_null($this->password))
+		// if we have a password and it's not a hash, and auth_type != account_repository
+		if (!is_null($this->password) &&
+			!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$this->password) &&
+			!preg_match('/^[0-9a-f]{32}$/',$this->password) &&	// md5 hash
+			admin_cmd::$accounts->config['auth_type'] != admin_cmd::$accounts->config['account_repository'])
 		{
 			admin_cmd_change_pw::exec();		// calling the exec method of the admin_cmd_change_pw
 		}
--- a/admin/inc/class.admin_import_users_csv.inc.php
+++ b/admin/inc/class.admin_import_users_csv.inc.php
@ -308,5 +308,4 @@ class admin_import_users_csv implements importexport_iface_import_plugin  {
 	public function get_results() {
 		return $this->results;
 	}
-} // end of iface_export_plugin
-?>
+}
--- a/phpgwapi/inc/class.accounts_ldap.inc.php
+++ b/phpgwapi/inc/class.accounts_ldap.inc.php
@ -569,7 +569,11 @@ class accounts_ldap
 		$utc_diff = date('Z');
 		if (isset($data['account_passwd']) && $data['account_passwd'])
 		{
-			if (!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$data['account_passwd']))	// if it's not already entcrypted, do so now
+			if (preg_match('/^[a-f0-9]{32}$/', $data['account_passwd']))	// md5 --> ldap md5
+			{
+				$data['account_passwd'] = setup_cmd_ldap::hash_sql2ldap($data['account_passwd']);
+			}
+			elseif (!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$data['account_passwd']))	// if it's not already entcrypted, do so now
 			{
 				$data['account_passwd'] = auth::encrypt_ldap($data['account_passwd']);
 			}
--- a/setup/inc/class.setup_cmd_ldap.inc.php
+++ b/setup/inc/class.setup_cmd_ldap.inc.php
@ -274,6 +274,10 @@ class setup_cmd_ldap extends setup_cmd
 		{
 			list(,$type,$hash) = $matches;
 		}
+		elseif (preg_match('/^[0-9a-f]{32}$/',$hash))
+		{
+			$type = 'md5';
+		}
 		switch(strtolower($type))
 		{
 			case 'plain':