Commit Graph

41 Commits

Author SHA1 Message Date
Ralf Becker
41fd3575c9 * Update to 1.8.004: REQUIRES TO VISIT SETUP for schema updates
- backport of security features from Trunk: support for sha512_crypt password and session-list without access to session-directory
- backport of numerous CalDAV/CardDAV features and fixes from Trunk: multiple addressbooks and calendars, support of resources, request logging
2012-03-31 14:12:25 +00:00
Klaus Leithoff
ac22466ba0 set the session cache for auth_alpwchange_val in methods for changepassword too 2011-09-23 09:56:12 +00:00
Klaus Leithoff
6bff18eadd set the session cache only when not in admin mode 2011-09-23 09:41:03 +00:00
Klaus Leithoff
b860d7fb50 set the session cache for auth_alpwchange_val on setLastPwdChange 2011-09-23 09:29:59 +00:00
Ralf Becker
fae1d29e68 - implemented more secure password hashing types: sha512_crypt, sha256_crypt and blowfish_crypt (later was only just broken)
- DB schema update for account_pwd to varchar(128) to accomodate sha512_crypt hashes
- enable automatic migration to sha512_crypt, if on SQL or LDAP (but only on Linux, as OpenLDAP has not native support for it)
2011-06-05 23:22:51 +00:00
Klaus Leithoff
9ec96b10e4 fix typo, as the account_lastpwd_change was not altered anymore on password change 2011-05-11 09:39:02 +00:00
Ralf Becker
0f73285f87 * setup/login: fixed not working password (hash) migration 2011-05-04 13:37:43 +00:00
Ralf Becker
bd64d536bc fixed not working password (hash) migration 2011-05-04 13:33:34 +00:00
Klaus Leithoff
4f0e104e27 more to the issue: fix to regard the password-last-changed information from the auth system - if provided, and thus be able to react on forced password changes triggered by auth system 2011-03-16 12:44:42 +00:00
Klaus Leithoff
a080404dab fix to regard the password-last-changed information from the auth system - if provided, and thus be able to react on forced password changes triggered from auth system. set password-last-changed info in authsystem on password change. when trying to force the user to change his password upon next login as admin from within egrouware, try to set the 0 value within the authsystem as well (in ldap rights are required for admin (or user) to set/alter the shadowlastchange attribute) 2011-03-16 11:00:16 +00:00
Ralf Becker
61d26df913 reworked auth classes, to allow them to use each other and a new auth class using a primary backend (ldap) and a fallback (sql) 2010-01-28 04:22:37 +00:00
Ralf Becker
232252475f patch fixing many depricated functions (eg. posix regular expressions) and features, which fill up the error_log under php5.3 (and will no longer be available under php6).
Patch is mostly created by script in egroupware/doc/fix_depricated.php in separate commit.
I do NOT advice to apply this patch to a production system (it's commited to trunk!), as the automatic modified regular expressions have a good change to break something ...
2009-06-08 16:21:14 +00:00
Ralf Becker
bdf7f84a23 fix for bug #1261: PostgreSQL: eGW ignores setting to dont care about case sensitive usernames 2008-06-07 08:25:28 +00:00
Ralf Becker
4f94d5837d use of global db object and new headers, made all methods of the auth class static 2008-03-15 17:27:36 +00:00
Cornelius Weiß
f043f76be2 fix typo 2005-11-22 22:32:21 +00:00
Ralf Becker
c85d34c0fe changed the following table-names:
- phpgw_accounts --> egw_accounts
- phpgw_acl --> egw_acl
- phpgw_log(_msg) --> egw_log(_msg)
- phpgw_config --> egw_config
- phpgw_applications --> egw_applications
This requires code-changes in many apps. Quite often I was able to replace the db access, with calls to the appropreate classes.
2005-11-02 11:45:52 +00:00
Miles Lott
137e472433 Use correct quoting when querying/setting account_id; minor formatting 2005-08-27 12:19:35 +00:00
Cornelius Weiß
632a990cfb added support for authentication via cookie. NOTE: you have to enable this in setup if u want to use it. 2005-05-11 18:25:17 +00:00
Cornelius Weiß
bd9f34dbd3 bugfix in password migration 2005-05-10 21:14:20 +00:00
Cornelius Weiß
79c9507039 - massive code cleanup
- added md5_hmac auth type
- added support for password migration
2005-05-10 19:00:55 +00:00
reinerj
48f840d7de move from old projct to new one 2004-05-05 12:06:13 +00:00
Miles Lott
04067c7a04 Add SMD5 hashing for sql and ldap based on my debian experience today 2004-01-26 03:01:54 +00:00
Miles Lott
934067f137 Fix the function call some more 2004-01-21 23:13:02 +00:00
Miles Lott
56085e8acf Fix bad function call for md5 passwords 2004-01-21 23:10:05 +00:00
Miles Lott
9be5a8982d Consolidate password updates and remove debug output, i think 2004-01-21 22:53:02 +00:00
Miles Lott
77fd8f4882 Move password functions to auth class; Add support for new encryption types in setup
and implement password checking and creation for these new types
2004-01-18 21:12:53 +00:00
Lars Kneschke
05b73a96b0 enable check for casesensitive usernames 2004-01-16 07:44:38 +00:00
Ralf Becker
b8557e49d9 make the phpgw Version-0_9_16-branch HEAD 2003-08-28 14:31:11 +00:00
jengo
1dc787e40d Started working on allowing md5 passwords to be sent from login.php 2001-10-02 05:38:35 +00:00
Miles Lott
cb560611b1 using GLOBALS 2001-08-30 19:43:06 +00:00
jengo
37bd9763fa Added feature to drop the previous login into appsessions, this way developer can find out how long its been since they last logged in.
- Formating in sqlssl
- Fixed change_password() in sqlssl not being correct and based on older versions
2001-06-03 17:58:12 +00:00
jengo
a7c66aa628 Fixed appsessions not being updated durring a password change 2001-04-17 17:49:13 +00:00
Miles Lott
e2afce4073 Fix account_id use in update_lastlogin to use get_account_id; formatting 2001-03-26 21:36:32 +00:00
skeeter
b9da94fd2e New function get_account_id(). This will take either an account_id # as either an integer or a string and return a true intval(account_id) or take a string of a users lid and return the account_id as an integer 2001-03-19 20:25:04 +00:00
Lars Kneschke
9ebb3bfaae make password changing working from user admin pages 2001-02-12 21:13:09 +00:00
skeeter
53f4716584 replaced quotes with single ticks where applicable 2001-02-11 20:03:35 +00:00
jengo
df7ef82a06 Fixed last login information not being updated 2001-02-07 13:19:09 +00:00
jengo
f6adca46c7 Changed the accounts class to use the new smaller version of the phpgw_accounts table 2001-02-05 14:58:03 +00:00
seek3r
4e3e6c77cb fixed banners so that they are all uniform and complete 2001-01-16 13:52:32 +00:00
seek3r
fba1a92446 Put in new license details 2001-01-13 10:18:50 +00:00
seek3r
e97ef24062 switching to the new Object factory method 2001-01-11 09:52:33 +00:00