Skip to content

Commit 499037a

Browse files
tbrehmtbrehm
committed
Updated remoting library to use the new password encryption function from auth lib.
1 parent c614f1b commit 499037a

File tree

1 file changed

+4
-33
lines changed

1 file changed

+4
-33
lines changed

interface/lib/classes/remoting_lib.inc.php

Lines changed: 4 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -530,15 +530,7 @@ function getSQL($record, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '
530530
if($field['formtype'] == 'PASSWORD') {
531531
$sql_insert_key .= "`$key`, ";
532532
if($field['encryption'] == 'CRYPT') {
533-
$salt="$1$";
534-
$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
535-
for ($n=0;$n<8;$n++) {
536-
//$salt.=chr(mt_rand(64,126));
537-
$salt.=$base64_alphabet[mt_rand(0,63)];
538-
}
539-
$salt.="$";
540-
// $salt = substr(md5(time()),0,2);
541-
$record[$key] = crypt($record[$key],$salt);
533+
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
542534
} else {
543535
$record[$key] = md5($record[$key]);
544536
}
@@ -559,15 +551,7 @@ function getSQL($record, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '
559551
} else {
560552
if($field['formtype'] == 'PASSWORD') {
561553
if($field['encryption'] == 'CRYPT') {
562-
$salt="$1$";
563-
$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
564-
for ($n=0;$n<8;$n++) {
565-
//$salt.=chr(mt_rand(64,126));
566-
$salt.=$base64_alphabet[mt_rand(0,63)];
567-
}
568-
$salt.="$";
569-
// $salt = substr(md5(time()),0,2);
570-
$record[$key] = crypt($record[$key],$salt);
554+
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
571555
} else {
572556
$record[$key] = md5($record[$key]);
573557
}
@@ -693,14 +677,7 @@ function ispconfig_sysuser_add($params,$insert_id){
693677
$language = $app->db->quote($params["language"]);
694678
$groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('$username','','$insert_id')", 'groupid');
695679
$groups = $groupid;
696-
697-
$salt="$1$";
698-
$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
699-
for ($n=0;$n<8;$n++) {
700-
$salt.=$base64_alphabet[mt_rand(0,63)];
701-
}
702-
$salt.="$";
703-
$password = crypt(stripslashes($password),$salt);
680+
$password = $app->auth->crypt_password(stripslashes($password));
704681
$sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
705682
VALUES ('$username','$password','$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
706683
$app->db->query($sql1);
@@ -711,13 +688,7 @@ function ispconfig_sysuser_update($params,$client_id){
711688
$username = $app->db->quote($params["username"]);
712689
$clear_password = $app->db->quote($params["password"]);
713690
$client_id = intval($client_id);
714-
$salt="$1$";
715-
$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
716-
for ($n=0;$n<8;$n++) {
717-
$salt.=$base64_alphabet[mt_rand(0,63)];
718-
}
719-
$salt.="$";
720-
$password = crypt(stripslashes($clear_password),$salt);
691+
$password = $app->auth->crypt_password(stripslashes($clear_password));
721692
if ($clear_password) $pwstring = ", passwort = '$password'"; else $pwstring ="" ;
722693
$sql = "UPDATE sys_user set username = '$username' $pwstring WHERE client_id = $client_id";
723694
$app->db->query($sql);

0 commit comments

Comments
 (0)