From 7990f8881b085279269d35cf9dd2787b88ae1c08 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Tue, 27 Nov 2012 14:47:43 -0500
Subject: [PATCH] Bugfix: _ispconfig_pw_crypted was ignored (stripped off in encoding method)
---
interface/lib/classes/remoting_lib.inc.php | 17 +++++++++--------
1 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 2bb1897..095b8c2 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -390,6 +390,7 @@
if($dbencode == true) $new_record[$key] = $app->db->quote($new_record[$key]);
}
}
+ if(isset($record['_ispconfig_pw_crypted'])) $new_record['_ispconfig_pw_crypted'] = $record['_ispconfig_pw_crypted']; // this one is not in form definitions!
return $new_record;
}
@@ -672,13 +673,13 @@
if($action == "INSERT") {
if($field['formtype'] == 'PASSWORD') {
$sql_insert_key .= "`$key`, ";
- if($field['encryption'] == 'CRYPT') {
+ if ((isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') || (isset($record['_ispconfig_pw_crypted']) && $record['_ispconfig_pw_crypted'] == 1)) {
+ $sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
+ } elseif(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
- } elseif ($field['encryption'] == 'MYSQL') {
+ } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
$sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), ";
- } elseif ($field['encryption'] == 'CLEARTEXT') {
- $sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
} else {
$record[$key] = md5(stripslashes($record[$key]));
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
@@ -699,14 +700,14 @@
}
} else {
if($field['formtype'] == 'PASSWORD') {
- if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
+ if ((isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') || (isset($record['_ispconfig_pw_crypted']) && $record['_ispconfig_pw_crypted'] == 1)) {
+ $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
+ } elseif(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
$sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), ";
- } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') {
- $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
- } else {
+ } else {
$record[$key] = md5(stripslashes($record[$key]));
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
}
--
Gitblit v1.9.1