phpgroupware-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Phpgroupware-cvs] CVS: phpgwapi/inc class.auth_sqlssl.inc.php,1.4,1.5

From: Miles Lott <address@hidden>
Subject: [Phpgroupware-cvs] CVS: phpgwapi/inc class.auth_sqlssl.inc.php,1.4,1.5
Date: Sun, 10 Mar 2002 13:45:01 -0500 
Update of /cvsroot/phpgroupware/phpgwapi/inc
In directory subversions:/tmp/cvs-serv27493

Modified Files:
        class.auth_sqlssl.inc.php 
Log Message:
fix for BUG# 100527

Index: class.auth_sqlssl.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/phpgwapi/inc/class.auth_sqlssl.inc.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -r1.4 -r1.5
*** class.auth_sqlssl.inc.php   25 Sep 2001 14:52:10 -0000      1.4
--- class.auth_sqlssl.inc.php   10 Mar 2002 18:44:59 -0000      1.5
***************
*** 34,38 ****
                        $local_debug = False;
  
!                       if ($local_debug)
                        {
                                echo "<b>Debug SQL: uid - $username passwd - 
$passwd</b>";
--- 34,38 ----
                        $local_debug = False;
  
!                       if($local_debug)
                        {
                                echo "<b>Debug SQL: uid - $username passwd - 
$passwd</b>";
***************
*** 42,50 ****
                        # Certificate (chain) verification occurs inside mod_ssl
                        # see http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
!                       if 
(!isset($GLOBALS['HTTP_SERVER_VARS']['SSL_CLIENT_S_DN']))
                        {
                                # if we're not doing SSL authentication, behave 
like auth_sql
                                $db->query("SELECT * FROM phpgw_accounts WHERE 
account_lid = '$username' AND "
!                . "account_pwd='" . md5($passwd) . "' AND account_status 
='A'",__LINE__,__FILE__);
                                $db->next_record();
                        }
--- 42,50 ----
                        # Certificate (chain) verification occurs inside mod_ssl
                        # see http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
!                       
if(!isset($GLOBALS['HTTP_SERVER_VARS']['SSL_CLIENT_S_DN']))
                        {
                                # if we're not doing SSL authentication, behave 
like auth_sql
                                $db->query("SELECT * FROM phpgw_accounts WHERE 
account_lid = '$username' AND "
!                                       . "account_pwd='" . md5($passwd) . "' 
AND account_status ='A'",__LINE__,__FILE__);
                                $db->next_record();
                        }
***************
*** 56,60 ****
                        }
  
!                       if ($db->f('account_lid'))
                        {
                                return True;
--- 56,60 ----
                        }
  
!                       if($db->f('account_lid'))
                        {
                                return True;
***************
*** 68,72 ****
                function change_password($old_passwd, $new_passwd, $account_id 
= '')
                {
!                       if (! $account_id)
                        {
                                $account_id = 
$GLOBALS['phpgw_info']['user']['account_id'];
--- 68,72 ----
                function change_password($old_passwd, $new_passwd, $account_id 
= '')
                {
!                       if(!$account_id)
                        {
                                $account_id = 
$GLOBALS['phpgw_info']['user']['account_id'];
***************
*** 75,80 ****
                        $encrypted_passwd = md5($new_passwd);
  
!                       $GLOBALS['phpgw']->db->query("update phpgw_accounts set 
account_pwd='" . md5($new_passwd) . "',"
!                               . "account_lastpwd_change='" . time() . "' 
where account_id='" . $account_id . "'",__LINE__,__FILE__);
  
                        
$GLOBALS['phpgw']->session->appsession('password','phpgwapi',$new_passwd);
--- 75,80 ----
                        $encrypted_passwd = md5($new_passwd);
  
!                       $GLOBALS['phpgw']->db->query("UPDATE phpgw_accounts SET 
account_pwd='" . md5($new_passwd) . "',"
!                               . "account_lastpwd_change='" . time() . "' 
WHERE account_id='" . $account_id . "'",__LINE__,__FILE__);
  
                        
$GLOBALS['phpgw']->session->appsession('password','phpgwapi',$new_passwd);
***************
*** 85,95 ****
                function update_lastlogin($account_id, $ip)
                {
!                       $GLOBALS['phpgw']->db->query("select account_lastlogin 
from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
                        $GLOBALS['phpgw']->db->next_record();
!                       $this->previous_login = 
$phpgw->db->f('account_lastlogin');
  
!                       $GLOBALS['phpgw']->db->query("update phpgw_accounts set 
account_lastloginfrom='"
                                . "$ip', account_lastlogin='" . time()
!                               . "' where 
account_id='$account_id'",__LINE__,__FILE__);
                }
        }
--- 85,95 ----
                function update_lastlogin($account_id, $ip)
                {
!                       $GLOBALS['phpgw']->db->query("SELECT account_lastlogin 
FROM phpgw_accounts WHERE account_id='$account_id'",__LINE__,__FILE__);
                        $GLOBALS['phpgw']->db->next_record();
!                       $this->previous_login = 
$GLOBALS['phpgw']->db->f('account_lastlogin');
  
!                       $GLOBALS['phpgw']->db->query("UPDATE phpgw_accounts SET 
account_lastloginfrom='"
                                . "$ip', account_lastlogin='" . time()
!                               . "' WHERE 
account_id='$account_id'",__LINE__,__FILE__);
                }
        }
reply via email to
[Prev in Thread] Current Thread [Next in Thread]