[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] api/class.auth.php, 1.1.1.1.2.9
|
From: |
nomail |
|
Subject: |
[Phpgroupware-cvs] api/class.auth.php, 1.1.1.1.2.9 |
|
Date: |
Mon, 28 Jun 2004 23:40:56 +0200 |
Update of /api
Modified Files:
Branch: proposal-branch
class.auth.php
date: 2004/06/28 21:40:56; author: jengo; state: Exp; lines: +76 -1
Log Message:
- Changed parameter order on auth->change_password()
- There is now a base class (api_auth_base) which api_auth_* extends off,
_create_password() and _verify_password() were moved into it since they are
shared.
- Presently, in order to change your password you need to have ACL rights to
edit accounts. This is only temp so it allows me to make some other fixes. I
also did this becuase normal users will have to enter there current password in
order to change theres. Which will also be required from all interfaces.
- New accounts call auth->create_password and use the system default now
=====================================================================
Index: api/class.auth.php
diff -u api/class.auth.php:1.1.1.1.2.8 api/class.auth.php:1.1.1.1.2.9
--- api/class.auth.php:1.1.1.1.2.8 Mon Jun 28 21:18:56 2004
+++ api/class.auth.php Mon Jun 28 21:40:56 2004
@@ -58,5 +58,80 @@
{
$GLOBALS['phpgw_data']['server']['auth_type'] = 'sql';
}
+
+ class api_auth_base
+ {
+ function _create_password($passwd)
+ {
+ switch
($GLOBALS['phpgw_data']['server']['password_type'])
+ {
+ case 'SSHA':
+ mt_srand((double)microtime()*1000000);
+ $salt = mhash_keygen_s2k(MHASH_SHA1,
$passwd, substr(pack('h*', md5(mt_rand())),0,8),4);
+ return '{SSHA}' .
base64_encode(mhash(MHASH_SHA1, $passwd.$salt) . $salt);
+ break;
+ case 'SHA':
+ return '{SHA}' .
base64_encode(mhash(MHASH_SHA1, $passwd));
+ break;
+ case 'CRYPT':
+ return '{CRYPT}' . crypt($passwd);
+ break;
+ case 'SMD5':
+ $salt = substr(md5(time() . mt_rand() .
$passwd),0,8);
+ return '{SMD5}' . $salt . md5($salt .
$passwd);
+ break;
+ // Default type is MD5 no salt
+ case 'MD5':
+ default:
+ return '{MD5}' . md5($passwd);
+ }
+ }
+
+ function _verify_password($u_passwd,$h_passwd,$type)
+ {
+ switch ($type)
+ {
+ case 'SSHA':
+ $h_passwd =
base64_decode($h_passwd);
+ $original_hash = substr($h_passwd, 0,
20);
+ $salt = substr($h_passwd, 20);
+ $new_hash = mhash(MHASH_SHA1,
$u_passwd . $salt);
+ if ($original_hash == $new_hash)
+ {
+ return true;
+ }
+ break;
+ case 'SHA':
+ if (base64_encode(mhash(MHASH_SHA1,
$u_passwd)) == $h_passwd)
+ {
+ return true;
+ }
+ break;
+ case 'CRYPT':
+ if (crypt($u_passwd,$h_passwd) ==
$h_passwd)
+ {
+ return true;
+ }
+ break;
+ case 'SMD5':
+ $salt = substr($h_passwd,0,8);
+ if ($salt . md5($salt . $u_passwd) ==
$h_passwd)
+ {
+ return true;
+ }
+ break;
+ // Default type is MD5 no salt
+ case 'MD5':
+ default:
+ if (md5($u_passwd) == $h_passwd)
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+ }
+
include_once(PHPGW_API.SEP.'auth'.SEP.'class.auth_'.$GLOBALS['phpgw_data']['server']['auth_type'].'.php');
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] api/class.auth.php, 1.1.1.1.2.9,
nomail <=