Commit Graph

39 Commits

Author SHA1 Message Date
Ralf Becker
76abb48fa4 fixed auth_sql to allow updating passwords of in-active accounts and return true for all successfull password changes as documented (returned false if password was unchanged and hash password on success) 2013-06-26 09:49:57 +00:00
Ralf Becker
9dfd92813a * Preferences/EMail: if user changed password, update password in session correct, so eg. EMail using that password keeps working 2013-02-21 09:44:56 +00:00
Klaus Leithoff
f7a50ec383 * API/CheckPasswordAge: new approach to the issue, as we have to take into account that the timestamp of the last password change may not be provided by the auth system. We fetch the timestamp from the authsystem if the method is implemented for the auth method configured (instead of juggling with account_lastpasswd_change or account_lastpwd_change) 2011-09-26 08:51:48 +00:00
Ralf Becker
fae1d29e68 - implemented more secure password hashing types: sha512_crypt, sha256_crypt and blowfish_crypt (later was only just broken)
- DB schema update for account_pwd to varchar(128) to accomodate sha512_crypt hashes
- enable automatic migration to sha512_crypt, if on SQL or LDAP (but only on Linux, as OpenLDAP has not native support for it)
2011-06-05 23:22:51 +00:00
Klaus Leithoff
9ec96b10e4 fix typo, as the account_lastpwd_change was not altered anymore on password change 2011-05-11 09:39:02 +00:00
Ralf Becker
bd64d536bc fixed not working password (hash) migration 2011-05-04 13:33:34 +00:00
Klaus Leithoff
4f0e104e27 more to the issue: fix to regard the password-last-changed information from the auth system - if provided, and thus be able to react on forced password changes triggered by auth system 2011-03-16 12:44:42 +00:00
Klaus Leithoff
a080404dab fix to regard the password-last-changed information from the auth system - if provided, and thus be able to react on forced password changes triggered from auth system. set password-last-changed info in authsystem on password change. when trying to force the user to change his password upon next login as admin from within egrouware, try to set the 0 value within the authsystem as well (in ldap rights are required for admin (or user) to set/alter the shadowlastchange attribute) 2011-03-16 11:00:16 +00:00
Ralf Becker
61d26df913 reworked auth classes, to allow them to use each other and a new auth class using a primary backend (ldap) and a fallback (sql) 2010-01-28 04:22:37 +00:00
Ralf Becker
232252475f patch fixing many depricated functions (eg. posix regular expressions) and features, which fill up the error_log under php5.3 (and will no longer be available under php6).
Patch is mostly created by script in egroupware/doc/fix_depricated.php in separate commit.
I do NOT advice to apply this patch to a production system (it's commited to trunk!), as the automatic modified regular expressions have a good change to break something ...
2009-06-08 16:21:14 +00:00
Ralf Becker
bdf7f84a23 fix for bug #1261: PostgreSQL: eGW ignores setting to dont care about case sensitive usernames 2008-06-07 08:25:28 +00:00
Ralf Becker
4f94d5837d use of global db object and new headers, made all methods of the auth class static 2008-03-15 17:27:36 +00:00
Cornelius Weiß
f043f76be2 fix typo 2005-11-22 22:32:21 +00:00
Ralf Becker
c85d34c0fe changed the following table-names:
- phpgw_accounts --> egw_accounts
- phpgw_acl --> egw_acl
- phpgw_log(_msg) --> egw_log(_msg)
- phpgw_config --> egw_config
- phpgw_applications --> egw_applications
This requires code-changes in many apps. Quite often I was able to replace the db access, with calls to the appropreate classes.
2005-11-02 11:45:52 +00:00
Miles Lott
137e472433 Use correct quoting when querying/setting account_id; minor formatting 2005-08-27 12:19:35 +00:00
Cornelius Weiß
632a990cfb added support for authentication via cookie. NOTE: you have to enable this in setup if u want to use it. 2005-05-11 18:25:17 +00:00
Cornelius Weiß
bd9f34dbd3 bugfix in password migration 2005-05-10 21:14:20 +00:00
Cornelius Weiß
79c9507039 - massive code cleanup
- added md5_hmac auth type
- added support for password migration
2005-05-10 19:00:55 +00:00
reinerj
48f840d7de move from old projct to new one 2004-05-05 12:06:13 +00:00
Miles Lott
04067c7a04 Add SMD5 hashing for sql and ldap based on my debian experience today 2004-01-26 03:01:54 +00:00
Miles Lott
934067f137 Fix the function call some more 2004-01-21 23:13:02 +00:00
Miles Lott
56085e8acf Fix bad function call for md5 passwords 2004-01-21 23:10:05 +00:00
Miles Lott
9be5a8982d Consolidate password updates and remove debug output, i think 2004-01-21 22:53:02 +00:00
Miles Lott
77fd8f4882 Move password functions to auth class; Add support for new encryption types in setup
and implement password checking and creation for these new types
2004-01-18 21:12:53 +00:00
Lars Kneschke
05b73a96b0 enable check for casesensitive usernames 2004-01-16 07:44:38 +00:00
Ralf Becker
b8557e49d9 make the phpgw Version-0_9_16-branch HEAD 2003-08-28 14:31:11 +00:00
jengo
1dc787e40d Started working on allowing md5 passwords to be sent from login.php 2001-10-02 05:38:35 +00:00
Miles Lott
cb560611b1 using GLOBALS 2001-08-30 19:43:06 +00:00
jengo
37bd9763fa Added feature to drop the previous login into appsessions, this way developer can find out how long its been since they last logged in.
- Formating in sqlssl
- Fixed change_password() in sqlssl not being correct and based on older versions
2001-06-03 17:58:12 +00:00
jengo
a7c66aa628 Fixed appsessions not being updated durring a password change 2001-04-17 17:49:13 +00:00
Miles Lott
e2afce4073 Fix account_id use in update_lastlogin to use get_account_id; formatting 2001-03-26 21:36:32 +00:00
skeeter
b9da94fd2e New function get_account_id(). This will take either an account_id # as either an integer or a string and return a true intval(account_id) or take a string of a users lid and return the account_id as an integer 2001-03-19 20:25:04 +00:00
Lars Kneschke
9ebb3bfaae make password changing working from user admin pages 2001-02-12 21:13:09 +00:00
skeeter
53f4716584 replaced quotes with single ticks where applicable 2001-02-11 20:03:35 +00:00
jengo
df7ef82a06 Fixed last login information not being updated 2001-02-07 13:19:09 +00:00
jengo
f6adca46c7 Changed the accounts class to use the new smaller version of the phpgw_accounts table 2001-02-05 14:58:03 +00:00
seek3r
4e3e6c77cb fixed banners so that they are all uniform and complete 2001-01-16 13:52:32 +00:00
seek3r
fba1a92446 Put in new license details 2001-01-13 10:18:50 +00:00
seek3r
e97ef24062 switching to the new Object factory method 2001-01-11 09:52:33 +00:00