
[Phpgroupware-cvs] api/auth/class.auth_sql.php, 1.1.1.1.2.11


From: nomail
Subject: [Phpgroupware-cvs] api/auth/class.auth_sql.php, 1.1.1.1.2.11
Date: Mon, 28 Jun 2004 23:40:58 +0200

Update of /api/auth
Modified Files:
        Branch: proposal-branch
          class.auth_sql.php

date: 2004/06/28 21:40:58;  author: jengo;  state: Exp;  lines: +10 -76

Log Message:
- Changed parameter order on auth->change_password()
- There is now a base class (api_auth_base) which api_auth_* extends off, 
_create_password() and _verify_password() were moved into it since they are 
shared.
- Presently, in order to change your password you need to have ACL rights to 
edit accounts.  This is only temporary, so that I can make some other fixes.  I 
also did this because normal users will have to enter their current password in 
order to change theirs, which will also be required from all interfaces.
- New accounts call auth->create_password and use the system default now
=====================================================================
Index: api/auth/class.auth_sql.php
diff -u api/auth/class.auth_sql.php:1.1.1.1.2.10 
api/auth/class.auth_sql.php:1.1.1.1.2.11
--- api/auth/class.auth_sql.php:1.1.1.1.2.10    Tue Jun 22 21:51:54 2004
+++ api/auth/class.auth_sql.php Mon Jun 28 21:40:58 2004
@@ -25,84 +25,13 @@
        /* $Id$ */
        /* $Source$ */
 
-       class api_auth
+       class api_auth extends api_auth_base
        {
                function api_auth()
                {
 
                }
 
-               function _create_password($passwd)
-               {
-                       switch 
($GLOBALS['phpgw_data']['server']['password_type'])
-                       {
-                               case 'SSHA':
-                                       mt_srand((double)microtime()*1000000);
-                                       $salt = mhash_keygen_s2k(MHASH_SHA1, 
$passwd, substr(pack('h*', md5(mt_rand())),0,8),4);
-                                       return '{SSHA}' . 
base64_encode(mhash(MHASH_SHA1, $passwd.$salt) . $salt);
-                                       break;
-                               case 'SHA':
-                                       return '{SHA}' . 
base64_encode(mhash(MHASH_SHA1, $passwd));
-                                       break;
-                               case 'CRYPT':
-                                       return '{CRYPT}' . crypt($passwd);
-                                       break;
-                               case 'SMD5':
-                                       $salt = substr(md5(time() . mt_rand() . 
$passwd),0,8);
-                                       return '{SMD5}' . $salt . md5($salt . 
$passwd);
-                                       break;
-                               // Default type is MD5 no salt
-                               case 'MD5':
-                               default:
-                                       return '{MD5}' . md5($passwd);
-                       }
-               }
-
-               function _verify_password($u_passwd,$h_passwd,$type)
-               {
-                       switch ($type)
-                       {
-                               case 'SSHA':
-                                       $h_passwd      = 
base64_decode($h_passwd);
-                                       $original_hash = substr($h_passwd, 0, 
20);
-                                       $salt          = substr($h_passwd, 20);
-                                       $new_hash      = mhash(MHASH_SHA1, 
$u_passwd . $salt);
-                                       if ($original_hash == $new_hash)
-                                       {
-                                               return true;
-                                       }
-                                       break;
-                               case 'SHA':
-                                       if (base64_encode(mhash(MHASH_SHA1, 
$u_passwd)) == $h_passwd)
-                                       {
-                                               return true;
-                                       }
-                                       break;
-                               case 'CRYPT':
-                                       if (crypt($u_passwd,$h_passwd) == 
$h_passwd)
-                                       {
-                                               return true;
-                                       }
-                                       break;
-                               case 'SMD5':
-                                       $salt = substr($h_passwd,0,8);
-                                       if ($salt . md5($salt . $u_passwd) == 
$h_passwd)
-                                       {
-                                               return true;
-                                       }
-                                       break;
-                               // Default type is MD5 no salt
-                               case 'MD5':
-                               default:
-                                       if (md5($u_passwd) == $h_passwd)
-                                       {
-                                               return true;
-                                       }
-                       }
-
-                       return false;
-               }
-
                function authenticate($username, $passwd)
                {
                        $dbresult = $GLOBALS['phpgw']->db->Execute("
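Review bot: The empty `api_auth()` constructor is kept while the class now extends `api_auth_base`, and a child constructor suppresses the implicit call to the parent's, so any setup the base class does for the shared password helpers would be skipped. `api_auth_base` is not visible in this diff, so this may be harmless today, but the safer form is to drop the empty constructor or have it call `$this->api_auth_base();`. A one-line comment on the class, such as `// _create_password() and _verify_password() are inherited from api_auth_base`, would also help readers who look for them here. The class body and authenticate() continue outside the hunk.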
@@ -139,11 +68,16 @@
                function change_password()
                {
                        $args = new safe_args();
-                       $args->set('current_passwd', REQUIRED, 'any');
-                       $args->set('new_passwd', REQUIRED, 'string');
-                       $args->set('account_id', NOTSET, 'string');
+                       $args->set('new_passwd',REQUIRED,'string');
+                       $args->set('current_passwd',NOVAR,'string');
+                       
$args->set('account_id',$GLOBALS['phpgw_data']['user']['id'],'integer');
                        $args = $args->get(func_get_args());
 
+                       if (! strlen($args['current_password']) && ! 
$GLOBALS['phpgw']->acl->check('api.account_mgr.edit'))
+                       {
+                               return false;
+                       }
+
                        $dbresult = $GLOBALS['phpgw']->db->Execute("
                                        UPDATE
                                                phpgw_accounts
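Review bot: The added guard reads `$args['current_password']`, but the argument is registered a few lines earlier as `current_passwd`, so `strlen()` always sees an unset key and the branch is decided by the ACL check alone; the test should be `if (! strlen($args['current_passwd']) && ! $GLOBALS['phpgw']->acl->check('api.account_mgr.edit'))`. With the key corrected, any non-empty `current_passwd` skips the ACL check without being compared to the stored hash in this hunk, while `account_id` can still be supplied by the caller. Unless the UPDATE that follows does this, the guard should also confirm the value with `_verify_password()` and limit callers without `api.account_mgr.edit` to their own account id. change_password() continues past the end of the hunk, so the WHERE clause is not visible here.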



