
[Phpgroupware-cvs] api/auth/class.auth_sql.php, 1.1.1.1.2.9


From: nomail
Subject: [Phpgroupware-cvs] api/auth/class.auth_sql.php, 1.1.1.1.2.9
Date: Thu, 10 Jun 2004 09:07:36 +0200

Update of /api/auth
Modified Files:
        Branch: proposal-branch
          class.auth_sql.php

date: 2004/06/10 07:07:36;  author: jengo;  state: Exp;  lines: +108 -15

Log Message:
Added new encryption types, default is our normal MD5
=====================================================================
Index: api/auth/class.auth_sql.php
diff -u api/auth/class.auth_sql.php:1.1.1.1.2.8 
api/auth/class.auth_sql.php:1.1.1.1.2.9
--- api/auth/class.auth_sql.php:1.1.1.1.2.8     Sat May  8 22:28:23 2004
+++ api/auth/class.auth_sql.php Thu Jun 10 07:07:36 2004
@@ -26,31 +26,118 @@
        /* $Source$ */
 
        class api_auth
-       {               
+       {
                function api_auth()
                {
 
                }
 
-               function authenticate($username, $passwd)
+               function _create_password($passwd)
                {
-                       $sql = "SELECT account_id FROM phpgw_accounts WHERE 
account_lid='" . $username . "' AND "
-                               . "account_pwd='" . md5($passwd) . "' AND 
account_status='A' AND account_expires > now()"
-                               . " AND account_type='u'";
-                       //$sql = "SELECT * FROM phpgw_accounts WHERE 
account_lid='" . $username . "' AND "
-                       //      . "account_pwd='" . md5($passwd) . "' AND 
account_status='A' AND account_type='u'";
-
-                       $dbresult = $GLOBALS['phpgw']->db->Execute($sql);
+                       switch 
($GLOBALS['phpgw_data']['server']['password_type'])
+                       {
+                               case 'SSHA':
+                                       mt_srand((double)microtime()*1000000);
+                                       $salt = mhash_keygen_s2k(MHASH_SHA1, 
$passwd, substr(pack('h*', md5(mt_rand())),0,8),4);
+                                       return '{SSHA}' . 
base64_encode(mhash(MHASH_SHA1, $passwd.$salt) . $salt);
+                                       break;
+                               case 'SHA':
+                                       return '{SHA}' . 
base64_encode(mhash(MHASH_SHA1, $passwd));
+                                       break;
+                               case 'CRYPT':
+                                       return '{CRYPT}' . crypt($passwd);
+                                       break;
+                               case 'SMD5':
+                                       $salt = substr(md5(time() . mt_rand() . 
$passwd),0,8);
+                                       return '{SMD5}' . $salt . md5($salt . 
$passwd);
+                                       break;
+                               // Default type is MD5 no salt
+                               case 'MD5':
+                               default:
+                                       return '{MD5}' . md5($passwd);
+                       }
+               }
 
-                       if ($dbresult->EOF)
+               function _verify_password($u_passwd,$h_passwd,$type)
+               {
+                       switch ($type)
                        {
-                               return false;
+                               case 'SSHA':
+                                       $h_passwd      = 
base64_decode($h_passwd);
+                                       $original_hash = substr($h_passwd, 0, 
20);
+                                       $salt          = substr($h_passwd, 20);
+                                       $new_hash      = mhash(MHASH_SHA1, 
$u_passwd . $salt);
+                                       if ($original_hash == $new_hash)
+                                       {
+                                               return true;
+                                       }
+                                       break;
+                               case 'SHA':
+                                       if (base64_encode(mhash(MHASH_SHA1, 
$u_passwd)) == $h_passwd)
+                                       {
+                                               return true;
+                                       }
+                                       break;
+                               case 'CRYPT':
+                                       // FIXME: This isn't working, I can't 
figure out why
+                                       //        Even if I pass crypt() the 
correct salt
+                                       //        It returns a different hash
+                                       
ereg('\$([1-2]{1})\$(.*)\$(.*)',$h_passwd,$matches);
+                                       list(,$_type,$salt,$original_hash) = 
$matches;
+
+                                       if (crypt($u_passwd,$salt) == 
$original_hash)
+                                       {
+                                               return true;
+                                       }
+                                       break;
+                               case 'SMD5':
+                                       $salt = substr($h_passwd,0,8);
+                                       if ($salt . md5($salt . $u_passwd) == 
$h_passwd)
+                                       {
+                                               return true;
+                                       }
+                                       break;
+                               // Default type is MD5 no salt
+                               case 'MD5':
+                               default:
+                                       if (md5($u_passwd) == $h_passwd)
+                                       {
+                                               return true;
+                                       }
                        }
-                       else
+
+                       return false;
+               }
+
+               function authenticate($username, $passwd)
+               {
+                       $dbresult = $GLOBALS['phpgw']->db->Execute("
+                                       SELECT
+                                               account_id,
+                                               account_pwd
+                                       FROM
+                                               phpgw_accounts
+                                       WHERE
+                                               account_lid='" . $username . "'
+                                       AND
+                                               account_status='A'
+                                       AND
+                                               account_expires > now()
+                       ");
+
+                       
ereg('\{(.*)\}(.*)',$dbresult->fields['account_pwd'],$v);
+                       $type     = $v[1];
+                       $h_passwd = ($v[2] ? $v[2] : 
$dbresult->fields['account_pwd']);
+
+                       if ($this->_verify_password($passwd,$h_passwd,$type))
                        {
                                $this->previous_login = 
$dbresult->fields['account_lastlogin'];
                                return true;
                        }
+                       else
+                       {
+                               return false;
+                       }
                }
 
                // FIXME: This should check the current password before 
allowing a password change for current user
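Review bot: The rewritten `authenticate()` still concatenates `$username` straight into the SQL string, and it drops two checks the old query had: the `account_type='u'` filter and the `$dbresult->EOF` test, so a missing row now reaches `ereg()` and `_verify_password()` with empty fields. Quote or bind `$username` through the database layer, restore `AND account_type='u'` unless removing it was intended, and `return false` as soon as `$dbresult->EOF` is set. In `_verify_password()` the `MD5` and `SMD5` branches compare hex digests with `==`, which lets PHP treat two number-like strings (for example ones starting `0e`) as equal; use `===` in every branch. The `CRYPT` FIXME is most likely because `crypt()` returns the whole stored string rather than only the trailing hash, so the check should be `crypt($u_passwd, $h_passwd) === $h_passwd` with no `ereg()` split. The SELECT also does not return `account_lastlogin`, which `previous_login` reads on success.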
@@ -63,8 +150,14 @@
                        $args->set('account_id', NOTSET, 'string');
                        $args = $args->get(func_get_args());
 
-                       $dbresult = $GLOBALS['phpgw']->db->Execute("update 
phpgw_accounts set account_pwd='" . md5($args['new_passwd']) . "' where 
account_id='"
-                               . $args['account_id'] . "'");
+                       $dbresult = $GLOBALS['phpgw']->db->Execute("
+                                       UPDATE
+                                               phpgw_accounts
+                                       SET
+                                               account_pwd='" . 
$this->_create_password($args['new_passwd']) . "'
+                                       WHERE
+                                               account_id='" . 
$args['account_id'] . "'
+                       ");
 
                        return ($GLOBALS['phpgw']->db->affected_rows() ? true : 
false);
                }
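Review bot: `$args['account_id']` is concatenated into the WHERE clause of the new UPDATE with no quoting or cast, so the statement is only as safe as whatever the argument handler above it enforces for a value declared as `'string'`. Quote or bind it through the database layer, or cast it with `(int)` if account ids are always numeric. The new password is also written without checking the current one, as the FIXME comment at the end of the previous hunk says, and with the default `password_type` it is still stored as unsalted `{MD5}`. The function's signature is outside the hunk.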



