Skip to content

Commit f17dab4

Browse files
author
vogelor
committed
The webdav user pwd was hased twice. Now it is working fine
1 parent 94927b9 commit f17dab4

File tree

2 files changed

+7
-8
lines changed

2 files changed

+7
-8
lines changed

interface/web/sites/webdav_user_edit.php

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -166,12 +166,13 @@ function onBeforeUpdate() {
166166
$data = $app->db->queryOneRecord("SELECT * FROM webdav_user WHERE webdav_user_id = ".intval($this->id));
167167
$this->dataRecord["username"] = $data['username'];
168168
$this->dataRecord["dir"] = $data['dir'];
169+
$passwordOld = $data['password'];
169170

170171
/*
171172
* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule
172-
* needs (only if the pwd is changed
173+
* needs (only if the pwd is changed)
173174
*/
174-
if (isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
175+
if ((isset($this->dataRecord["password"])) && ($this->dataRecord["password"] != '') && ($this->dataRecord["password"] != $passwordOld)) {
175176
$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
176177
$this->dataRecord["password"] = $hash;
177178
}

server/plugins-available/apache2_plugin.inc.php

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1085,7 +1085,6 @@ private function _writeHtDigestFile($filename, $username, $authname, $pwdhash )
10851085
$changed = false;
10861086
$in = fopen($filename, 'r');
10871087
$output = '';
1088-
10891088
/*
10901089
* read line by line and search for the username and authname
10911090
*/
@@ -1096,10 +1095,9 @@ private function _writeHtDigestFile($filename, $username, $authname, $pwdhash )
10961095
/*
10971096
* found the user. delete or change it?
10981097
*/
1099-
if ($pwd != '') {
1100-
$tmp[2] = $pwdhash;
1101-
$output .= $tmp[0] . ':' . $tmp[1] . ':' . $tmp[2] . "\n";
1102-
}
1098+
if ($pwdhash != '') {
1099+
$output .= $tmp[0] . ':' . $tmp[1] . ':' . $pwdhash . "\n";
1100+
}
11031101
$changed = true;
11041102
}
11051103
else {
@@ -1110,7 +1108,7 @@ private function _writeHtDigestFile($filename, $username, $authname, $pwdhash )
11101108
* if we didn't change anything, we have to add the new user at the end of the file
11111109
*/
11121110
if (!$changed) {
1113-
$output .= $username . ':' . $authname . ':' . md5($username . ':' . $authname . ':' . $pwd) . "\n";
1111+
$output .= $username . ':' . $authname . ':' . $pwdhash . "\n";
11141112
}
11151113
fclose($in);
11161114

0 commit comments

Comments
 (0)