extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-07 16:44:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixed not working password (hash) migration

Browse Source
This commit is contained in:
Ralf Becker 2011-05-04 13:33:34 +00:00
parent 4f3f6748f1
commit bd64d536bc
1 changed files with 16 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
phpgwapi/inc/class.auth_sql.inc.php
View File

@ -63,34 +63,30 @@ class auth_sql implements auth_backend
}
if($passwd_type == 'text')
{
if (!($row = $this->db->select($this->table,'account_lid,account_pwd,account_lastlogin',$where,__LINE__,__FILE__)->fetch()) ||
if (!($row = $this->db->select($this->table,'account_lid,account_pwd,account_lastlogin,account_id',$where,__LINE__,__FILE__)->fetch()) ||
empty($row['account_pwd']) ||
$GLOBALS['egw_info']['server']['case_sensitive_username'] && $row['account_lid'] != $username)
{
return false;
}
if(!auth::compare_password($passwd,$row['account_pwd'],$this->type,strtolower($username)))
if(!($match = auth::compare_password($passwd,$row['account_pwd'],$this->type,strtolower($username))) ||
preg_match('/^{(.+)}/',$row['account_pwd'],$matches) && // explicit specified hash, eg. from ldap
in_array(strtolower($matches[1]),explode(',',strtolower($GLOBALS['egw_info']['server']['pwd_migration_types']))))
{
$match = false;
// do we have to migrate an old password ?
if($GLOBALS['egw_info']['server']['pwd_migration_allowed'] && !empty($GLOBALS['egw_info']['server']['pwd_migration_types']))
{
foreach(explode(',', $GLOBALS['egw_info']['server']['pwd_migration_types']) as $type)
{
if(auth::compare_password($passwd,$row['account_pwd'],$type,strtolower($username)))
if(($match = auth::compare_password($passwd,$row['account_pwd'],$type,strtolower($username))))
{
$account_id = $GLOBALS['egw_info']['user']['account_id'];
$encrypted_passwd = $this->encrypt_sql($passwd);
$this->_update_passwd($encrypted_passwd,$passwd,$account_id);
$match = true;
$encrypted_passwd = auth::encrypt_sql($passwd);
$this->_update_passwd($encrypted_passwd,$passwd,$row['account_id'],false,true);
break;
}
}
}
if (!$match)
{
return false;
}
if (!$match) return false;
}
}
/* Auth via crypted password. NOTE: mail needs cleartext password to authenticate against mailserver! */
@ -156,7 +152,7 @@ class auth_sql implements auth_backend
$admin = False;
$account_id = $GLOBALS['egw_info']['user']['account_id'];
$username = $GLOBALS['egw_info']['user']['account_lid'];
}
}
else
{
$username = $GLOBALS['egw']->accounts->id2name($account_id);
@ -203,7 +199,7 @@ class auth_sql implements auth_backend
$admin = False;
$account_id = $GLOBALS['egw_info']['user']['account_id'];
$username = $GLOBALS['egw_info']['user']['account_lid'];
}
}
else
{
$username = $GLOBALS['egw']->accounts->id2name($account_id);
@ -230,19 +226,19 @@ class auth_sql implements auth_backend
/**
* changes password in sql datababse
*
* @internal
* @param string $encrypted_passwd
* @param string $new_passwd cleartext
* @param int $account_id account id of user whose passwd should be changed
* @param boolean $admin=false called by admin, if not update password in the session
* @param boolean $update_lastpw_change=true
* @return boolean true if password successful changed, false otherwise
*/
function _update_passwd($encrypted_passwd,$new_passwd,$account_id,$admin=false)
private function _update_passwd($encrypted_passwd,$new_passwd,$account_id,$admin=false,$update_lastpw_change=true)
{
$this->db->update($this->table,array(
'account_pwd' => $encrypted_passwd,
'account_lastpwd_change' => time(),
),array(
$update = array('account_pwd' => $encrypted_passwd);
if ($update_lastpw_change) $write['account_lastpwd_change'] = time();
$this->db->update($this->table,$update,array(
'account_id' => $account_id,
),__LINE__,__FILE__);